Slow laptop
Posted: 18 Aug 2014 22:02
Hi there, the usual story: something isn't working again or it's slow, it takes about 5 minutes to load.
So I figured I should do something about it; I downloaded AdwCleaner and JRT. I'll post the logs here, but it's still just as sluggish.
So I'm asking whether you could please advise me on what else I should do?
Rsit:
Logfile of random's system information tool 1.10 (written by
random/random)
Run by Johny at 2014-08-18 22:49:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (7%) free of 295 GB
Total RAM: 3956 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:49:27, on 18.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\WakeWorker\WakeWorker.exe
C:\Program Files (x86)\Common Files\LightScribe
\LightScribeControlPanel.exe
C:\Users\Johny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Johny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+
Auto Backup.exe
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\WTClient.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ArcCon.ac
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster
\CloudSystemBooster.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Johny\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Johny.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:
\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-
0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:
\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-
A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-
9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:
\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:
\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech
Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager
\LManager.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple
\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero
BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe
\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common
Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe
\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files
(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe
\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop
\avgnt.exe" /min
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files
(x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files
(x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-
software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies
\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files
(x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime
\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG
USB-MIDI Driver\EsHelper2.exe /s
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira
\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools
Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WakeWorker] C:\Program Files (x86)\WakeWorker
\WakeWorker.exe -h
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Johny\AppData
\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Johny\AppData
\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -
AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files
(x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Johny\AppData\Local
\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files
(x86)\WhatPulse2\whatpulse.exe"
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie
\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft
\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Johny\AppData\Roaming\uTorrent
\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Johny\AppData\Local
\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar
\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar
\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: JDownloader.lnk = C:\Program Files (x86)\JDownloader
\JDownloaderPortable.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files
\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY
\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer
\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-
D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer
\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-
D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-
5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-
8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-
2923E76605DA} - C:\Program Files (x86)\Microsoft Office
\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-
4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office
\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-
46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-
9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software
\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM
\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files
\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files
\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program
Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:
\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program
Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} -
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:
\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) -
Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 9
Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe
Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM
\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows
\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows
\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop
\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop
\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations
GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) -
Anvisoft - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files
(x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira
\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:
\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo
Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon
\dragon_updater.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. -
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown
owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:
\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown
owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files
(x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files
(x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. -
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. -
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files
(x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner -
C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC
\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000
(IEEtwCollectorService) - Unknown owner - C:\Windows
\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows
\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files
(x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program
Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local
Management Service (LMS) - Intel Corporation - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: M-Audio Series II MIDI Installer
(MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files (x86)\M-
Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: McAfee Security Scan Component Host Service
(McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security
Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla
Foundation - C:\Program Files (x86)\Mozilla Maintenance Service
\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows
\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200
(NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files
(x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program
Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files
(x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown
owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) -
Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico
\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:
\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown
owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown
owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown
owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files
(x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files
(x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel
\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -
Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User
Notification Service (UNS) - Intel Corporation - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) -
M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner
- C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) -
Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) -
Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Unknown owner - C:
\Windows\System32\Drivers\WTSRV.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media
Player\wmpnetwk.exe (file missing)
--
End of file - 19861 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows
SharedSection=1024,20480,768 Windows=On SubSystemType=Windows
ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4
ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows
SharedSection=1024,20480,768 Windows=On SubSystemType=Windows
ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4
ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22276144
\??\C:\Windows\system32\conhost.exe "16478669021978202645-567517521-
10506926212535466101447597170-1470834971-1210462201
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACService.exe"
"c:\Program Files (x86)\Adobe\Elements 9 Organizer
\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS
\LMS.exe"
"C:\Program Files (x86)\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe"
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\IScheduleSvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
taskeng.exe {D3AA64B9-F4E4-4EFC-A20A-9E17C831BEFE}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
adb fork-server server
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe"
avshadowcontrol0_00000798
"C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe"
"C:\Windows\System32\Drivers\WTSRV.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3240
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerTray.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerEvent.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir
"C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program
Files (x86)\Steam\config\cookies" -steampid 3992 --blacklist-accelerated-
compositing --process-per-tab
"C:\Program Files (x86)\WakeWorker\WakeWorker.exe" -h
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-
780D8591C113}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"Apntex.exe"
"C:\Program Files\Apoint2K\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "1499701642-
143529409014152527356257277981096058751-2025634251-634280491-275823989
"C:\Program Files (x86)\Common Files\LightScribe
\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
szndesktop.exe default start
"C:\Users\Johny\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1579147385453772974931629912-
65750502813554364471447575830-1409298331326634671
"C:\Users\Johny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+
Auto Backup.exe" /autostart
"C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -
redirect
"C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe" -Xmx512m -
Dsun.java2d.d3d=false -jar "C:\Program Files (x86)\JDownloader
\JDownloader.jar"
"C:\Windows\System32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Windows\System32\WTClient.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACDaemon.exe"
ArcCon.ac 131614 0
"C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe" /s
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:/Program Files (x86)/Anvisoft/Cloud System
Booster/CloudSystemBooster.exe" /hide /autorun /svc
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth
Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
genie2_tray.exe -start _NETGEARGenieTray_{dc834a33-2533-41e1-a452-
b09be9fc1f6c}_1_
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-
process --channel="760.0.2116197964\1884049159" --supports-dual-gpus=false
--gpu-driver-bug-workarounds=0,1,14,28 --gpu-vendor-id=0x1002 --gpu-
device-id=0x68c1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --
gpu-driver-version=12.104.0.0 --ignored=" --type=renderer "
/prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --extension-process
--renderer-print-preview --enable-threaded-compositing --enable-
delegated-renderer --enable-deadline-scheduling --enable-software-
compositing --channel="760.2.1642546513\4001581" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-
preview --enable-threaded-compositing --enable-delegated-renderer --
enable-deadline-scheduling --enable-software-compositing --
channel="760.3.68430184\654259483" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-
preview --enable-threaded-compositing --enable-delegated-renderer --
enable-deadline-scheduling --enable-software-compositing --
channel="760.4.785772413\1705234283" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi
--channel="760.7.91800130\854945158" --ppapi-flash-
args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer "
/prefetch:-632637702
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS
\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global
\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -
2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft
\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\splwow64.exe 8192
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-
AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
PriorityLow
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Johny\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe"
/installmethod=jau FAMILYUPGRADE=1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\SysWOW64\\msiexec.exe" /i "C:\Users\Johny\AppData\LocalLow
\Sun\Java\jre1.7.0_67\jre1.7.0_67-pfrom51-b13.msi" SPWEB=http://javadl-
esd.sun.com/update/1.7.0/sp-1.7.0_67-b01 METHOD=jau SKIPLICENSE=1 PROG=0
ENDDIALOG=0 SKIPLICENSE=1
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding
5ED471FC2EDB24C127BA32AD8181035F C
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/H
wVideo/GoogleNow/Default/NetworkConnectivity/disable_network_stats/Prerend
er/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SP
DY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sh
owPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-
preview --enable-threaded-compositing --enable-delegated-renderer --
enable-deadline-scheduling --enable-software-compositing --
channel="760.9.1876764748\133794101" /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\syswow64\MsiExec.exe -Embedding
24D0A01B18423E0531C9C00E96B686D9
"C:\Users\Johny\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\syswow64\MsiExec.exe -Embedding
0ED0B2D78C451767E9F4559362B2868B M Global\MSI0000
"C:\Program Files (x86)\Java\jre7\\patchjre.exe" -s "C:\Program Files
(x86)\Java\jre7"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows
\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1314750387-2638282084-
1046222022-1000Core.job - C:\Users\Johny\AppData\Local\Facebook\Update
\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1314750387-2638282084-
1046222022-1000UA.job - C:\Users\Johny\AppData\Local\Facebook\Update
\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles
\1ax2csqq.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar
\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@esn/npbattlelog,version=2.3.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@graphisoft.com/GDL Web Plug-in]
"Description"=
"Path"=C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins
\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins
\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration
\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins
\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles\1ax2csqq.default
\extensions\
abs@avira.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office
\Office15\OCHelper.dll [2014-07-27 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL
[2014-01-22 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:
\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-07-27 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan
\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office
\Office15\OCHelper.dll [2014-05-21 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
[2013-10-12 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files
\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
[2014-01-23 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:
\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL [2014-07-27 1730256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin
\jp2ssv.dll [2013-10-12 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion
\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat
\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer
\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08
343424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
[2010-06-10 324608]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-29
11101800]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-10-22 325120]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power
Management\ePowerTray.exe [2011-01-05 860040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE
\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
[2012-03-09 462712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-08-14 1937600]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
[2013-03-14 3672640]
"WakeWorker"=C:\Program Files (x86)\WakeWorker\WakeWorker.exe [2013-03-02
686080]
"cz.seznam.software.autoupdate"=C:\Users\Johny\AppData\Roaming\Seznam.cz
\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Johny\AppData\Roaming\Seznam.cz
\bin\wszndesktop.exe [2013-04-12 92664]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-08-07 3600728]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files
\LightScribe\LightScribeControlPanel.exe [2013-01-16 2736128]
"Google+ Auto Backup"=C:\Users\Johny\AppData\Local\Programs\Google\Google+
Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]
"WhatPulse"=C:\Program Files (x86)\WhatPulse2\whatpulse.exe [2014-04-17
3054592]
"NETGEARGenie"=C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
[2014-04-22 596480]
"CloudSystemBooster"=C:\Program Files (x86)\Anvisoft\Cloud System Booster
\CloudSystemBooster.exe [2014-05-29 527544]
"uTorrent"=C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe [2014-06-
13 1267536]
"Facebook Update"=C:\Users\Johny\AppData\Local\Facebook\Update
\FacebookUpdate.exe [2014-07-11 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion
\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard
Bell MyBackup\BackupManagerTray.exe [2010-06-29 263936]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-11
975952]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe [2013-09-13 59720]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
[2011-11-18 1492264]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard
\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe
\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[2013-11-21 959904]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat
\Acrotray.exe [2014-05-08 840568]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-07
751184]
"WTClient"=C:\Windows\system32\WTClient.exe [2009-10-30 32768]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft
\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz
\distribution\szninstall.exe [2013-05-16 1062472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
\CLIStart.exe [2013-03-28 642656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update
\jusched.exe [2013-07-02 254336]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin
\FTBCheckUpdates.exe [2013-11-12 2532864]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17
421888]
"KORG USB-MIDI Driver"=C:\Program Files (x86)\KORG\KORG USB-MIDI Driver
\EsHelper2.exe [2013-05-31 394096]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
[2014-07-14 190032]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan
\3.8.150\SSScheduler.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Johny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
\Startup
JDownloader.lnk - C:\Program Files (x86)\JDownloader
\JDownloaderPortable.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies
\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
\explorer]
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies
\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess
\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess
\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.CDV5"=cdv5codc.dll
"vidc.CLLC"=cllccodc.dll
"vidc.CUVC"=cuvccodc.dll
"vidc.CDVC"=cdvccodc.dll
"vidc.CDVH"=cdvhcodc.dll
"vidc.CMIC"=cmiccodc.dll
"vidc.CHQX"=chqxcodc.dll
"vidc.C210"=c210codc.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"midi5"=KORGUM64.DRV
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-18 22:37:28 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-08-18 22:36:34 ----D---- C:\AdwCleaner
2014-08-18 22:33:32 ----D---- C:\Program Files\trend micro
2014-08-18 22:33:31 ----D---- C:\rsit
2014-08-18 18:18:32 ----D---- C:\Windows\ERUNT
2014-08-18 02:30:50 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-18 02:30:50 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-18 02:30:49 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-18 02:30:49 ----A---- C:\Windows\system32\icardagt.exe
2014-08-18 02:30:47 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-18 02:30:47 ----A---- C:\Windows\system32\icardres.dll
2014-08-18 02:30:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-18 02:30:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-18 01:06:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-18 01:06:31 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-18 01:06:31 ----A---- C:\Windows\system32\msi.dll
2014-08-18 01:06:31 ----A---- C:\Windows\system32\authui.dll
2014-08-18 01:06:30 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-18 01:06:30 ----A---- C:\Windows\system32\msihnd.dll
2014-08-18 01:06:30 ----A---- C:\Windows\system32\consent.exe
2014-08-14 19:21:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 19:21:48 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 19:21:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 19:21:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 19:21:31 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 19:21:23 ----A---- C:\Windows
\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 19:21:23 ----A---- C:\Windows
\system32\JavaScriptCollectionAgent.dll
2014-08-14 19:21:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 19:21:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 19:21:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 19:21:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 19:21:21 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 19:21:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 19:21:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 19:21:20 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 19:21:19 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 19:21:18 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 19:21:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 19:21:17 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 19:21:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 19:21:13 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 19:21:12 ----A---- C:\Windows
\system32\MsSpellCheckingFacility.exe
2014-08-14 19:21:12 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 19:21:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 19:21:12 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 19:20:11 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 19:20:11 ----A---- C:\Windows\system32\aeinv.dll
2014-08-14 19:20:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 19:20:10 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-07 16:12:20 ----D---- C:\ProgramData\Package Cache
2014-08-06 18:38:01 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-08-06 18:38:01 ----A---- C:\Windows\system32\certsentry.dll
2014-08-06 18:37:40 ----D---- C:\Program Files (x86)\Comodo
2014-08-06 18:36:29 ----D---- C:\Program Files (x86)\DsNET Corp
2014-08-06 18:30:25 ----D---- C:\Program Files (x86)\freebird
2014-08-06 13:41:49 ----D---- C:\Users\Johny\AppData\Roaming\AIMP3
2014-08-06 13:41:43 ----D---- C:\Program Files (x86)\AIMP3
======List of files/folders modified in the last 1 month======
2014-08-18 22:49:28 ----D---- C:\Windows\Prefetch
2014-08-18 22:49:25 ----D---- C:\Windows\Temp
2014-08-18 22:49:25 ----D---- C:\Windows\SysWOW64
2014-08-18 22:49:25 ----D---- C:\Program Files (x86)\Java
2014-08-18 22:49:24 ----SHD---- C:\Windows\Installer
2014-08-18 22:49:24 ----SHD---- C:\Config.Msi
2014-08-18 22:48:36 ----SHD---- C:\System Volume Information
2014-08-18 22:48:00 ----D---- C:\Users\Johny\AppData\Roaming\uTorrent
2014-08-18 22:47:28 ----D---- C:\Program Files (x86)\JDownloader
2014-08-18 22:47:05 ----D---- C:\Windows\system32\config
2014-08-18 22:46:31 ----D---- C:\ProgramData\Origin
2014-08-18 22:46:18 ----D---- C:\Windows\System32
2014-08-18 22:46:18 ----D---- C:\Windows\inf
2014-08-18 22:46:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-18 22:45:57 ----D---- C:\Users\Johny\AppData\Roaming\Seznam.cz
2014-08-18 22:41:06 ----D---- C:\Program Files (x86)\Origin
2014-08-18 22:40:22 ----D---- C:\Program Files (x86)\Steam
2014-08-18 22:40:04 ----D---- C:\Program Files\KMSpico
2014-08-18 22:39:55 ----A---- C:\Windows\SYSWOW64\log.txt
2014-08-18 22:39:40 ----RD---- C:\Program Files (x86)
2014-08-18 22:38:08 ----D---- C:\Windows\system32\Tasks
2014-08-18 22:38:07 ----D---- C:\Windows\Tasks
2014-08-18 22:38:07 ----D---- C:\Windows\system32\drivers
2014-08-18 22:37:57 ----A---- C:\Windows\win.ini
2014-08-18 22:37:50 ----HD---- C:\ProgramData
2014-08-18 22:33:32 ----RD---- C:\Program Files
2014-08-18 20:29:33 ----D---- C:\Windows\rescache
2014-08-18 18:18:32 ----D---- C:\Windows
2014-08-18 18:06:57 ----D---- C:\Windows\Microsoft.NET
2014-08-18 18:06:11 ----RSD---- C:\Windows\assembly
2014-08-18 17:45:26 ----D---- C:\Windows\winsxs
2014-08-18 17:41:40 ----D---- C:\Windows\ehome
2014-08-18 17:41:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-18 17:41:23 ----D---- C:\Windows\system32\cs-CZ
2014-08-18 17:41:18 ----D---- C:\Program Files\Internet Explorer
2014-08-18 17:41:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-18 17:41:16 ----D---- C:\Windows\PolicyDefinitions
2014-08-18 17:41:15 ----D---- C:\Windows\system32\en-US
2014-08-18 17:41:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-18 02:53:56 ----D---- C:\ProgramData\Microsoft Help
2014-08-18 02:50:32 ----D---- C:\Windows\system32\catroot2
2014-08-18 02:50:32 ----D---- C:\Windows\system32\catroot
2014-08-18 02:29:58 ----SD---- C:\Windows\system32\CompatTel
2014-08-13 21:26:42 ----D---- C:\Program Files (x86)\The KMPlayer
2014-08-13 20:40:40 ----D---- C:\Windows\system32\wfp
2014-08-13 20:40:40 ----D---- C:\Windows\system32\DriverStore
2014-08-13 20:40:40 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-13 20:40:39 ----D---- C:\Windows\system32\wbem
2014-08-13 20:40:39 ----D---- C:\Windows\registration
2014-08-07 16:12:33 ----D---- C:\Program Files (x86)\Avira
2014-08-07 16:12:31 ----D---- C:\ProgramData\Avira
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-03 10:26:26 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-03 10:26:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-08-03 10:26:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance
Service
2014-07-24 10:26:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-19 10:54:23 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
[2010-03-03 540696]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS
\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows
\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03
56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11
-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-05
130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-26
28600]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30
34360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows
\system32\DRIVERS\dtsoftbus01.sys [2013-05-06 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS
\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2009-09-21
71040]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-07-01
117712]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-
03-13 318464]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2012-11-19
11576]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS
\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29
11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29
581120]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows
\system32\DRIVERS\Apfiltr.sys [2009-10-22 272432]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows
\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows
\system32\DRIVERS\bcmwl664.sys [2011-03-02 4720704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows
\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows
\system32\drivers\RTKVHD64.sys [2010-07-29 2445672]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows
\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
R3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys
[2013-04-30 35344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-
06 18432]
R3 PTSimBus;PenTablet Bus Enumerator; C:\Windows\system32\DRIVERS
\PTSimBus.sys [2009-06-18 27304]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-
05-06 16896]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows
\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows
\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys
[2009-06-03 507392]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS
[2010-06-10 40448]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service;
C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows
\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS
\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers
\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows
\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers
\btwampfl.sys [2010-06-26 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers
\btwaudio.sys [2010-06-26 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys
[2010-06-26 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS
\btwl2cap.sys [2010-06-26 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-26
21544]
S3 cpuz136;cpuz136; \??\C:\Users\Johny\AppData\Local\Temp
\cpuz136\cpuz136_x64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
[2014-01-06 21712]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows
\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys
[2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS
\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10
6108416]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers
\KORGUM64.SYS [2013-05-31 34136]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E
Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys
[2009-06-20 54272]
S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows
\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14
12352]
S3 PTSimHid;PenTablet Simulated HID MiniDriver; C:\Windows
\system32\DRIVERS\PTSimHid.sys [2009-06-18 17064]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows
\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Tablet2k;Serial Tablet Port Driver; C:\Windows\System32\Drivers
\Tablet2k.sys []
S3 TClass2k;Tablet Class Driver; C:\Windows\system32\DRIVERS\TClass2k.sys
[2009-06-18 27304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21
59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers
\TsUsbGD.sys [2010-11-21 31232]
S3 UCTblHid;HID Tablet Port Driver; C:\Windows\system32\DRIVERS
\UCTblHid.sys [2009-06-18 22696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys
[2013-07-03 42496]
S3 usbser;Ovladač modemu USB; C:\Windows\system32\drivers\usbser.sys
[2013-08-29 33280]
S4 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys
[2009-08-20 130816]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto,
3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files
\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; c:\Program
Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
[2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files
(x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows
\system32\atiesrxx.exe [2013-03-29 241152]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files
(x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-07 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira
\AntiVir Desktop\sched.exe [2014-08-07 430160]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira
\AntiVir Desktop\AVWEBGRD.EXE [2014-08-07 1021008]
R2 AnviCsbSvc;Anvi Cloud System Booster Speed Service; C:\Program Files
(x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2014-05-29 42680]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork
\Toolbar\apnmcp.exe [2014-06-14 165784]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software
\btwdins.exe [2010-06-25 952096]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files
(x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch
Manager\dsiwmis.exe [2010-08-11 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard
Bell Power Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell
\Registration\GREGsvc.exe [2010-01-08 23584]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe
[2009-12-16 3750400]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC
Sync Manager\HSMServiceEntry.exe [2013-11-10 87368]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:
\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2013-01-16
73728]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard
Bell\Packard Bell Updater\UpdaterService.exe [2011-01-31 244624]
R2 LMS;Intel(R) Management and Security Application Local Management
Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\LMS\LMS.exe [2010-03-03 268824]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Program
Files (x86)\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2007-01-08
94208]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program
Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR
Genie\bin\NETGEARGenieDaemon64.exe [2014-03-24 225792]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech
Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-29 255744]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV
\PanService\PandoraService.exe [2012-09-28 625304]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files
(x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-11-06 75136]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico
\Service_KMS.exe [2013-03-02 37888]
R2 UNS;Intel(R) Management & Security Application User Notification
Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe [2010-03-03 2320920]
R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program
Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872]
R3 Steam Client Service;Steam Client Service; C:\Program Files
(x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira
\My Avira\Avira.OE.ServiceHost.exe [2014-07-14 141392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google
\Update\GoogleUpdate.exe [2013-04-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater
\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:
\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08
262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent
Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2013-04-30 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common
\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-
1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:
\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09
289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files
(x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-24
119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files
\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common
Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012
-10-01 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe
\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe
[2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows
\system32\Wat\WatAdminSvc.exe [2013-05-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Johny on po 18.08.2014 at 18:18:41,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1314750387-2638282084-1046222022-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522032201}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522032201}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D01E1262-2461-46D4-B1EB-216C68FEF6DB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE7BDB3C-A04F-48E7-83FF-197F92A3DA0E}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Johny\appdata\locallow\minibar"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"
~~~ FireFox
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\user.js
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\prefs.js
user_pref("browser.newtab.url", "hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=NT_ss&mntrId=FA6BC4461913C182");
user_pref("extensions.35ie.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\"
user_pref("extensions.JRSd7nZba.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapa
user_pref("extensions.asktb.ff-original-keyword-url", "");
user_pref("extensions.crossrider.bic", "143da3c4f38543cfe5a2ffef81ec78a3");
user_pref("extensions.dzi_7zGnnv.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apap
user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.b
user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANU
Emptied folder: C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\minidumps [217 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 18.08.2014 at 18:29:55,53
End of JRT log
ADWCleaner
# AdwCleaner v3.305 - Report created 18/08/2014 at 22:37:48
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Johny - JOHNY-PC
# Running from : C:\Users\Johny\Desktop\adwcleaner_3.305.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Update EnhanceEmpire
[#] Service Deleted : Util EnhanceEmpire
Service Deleted : {75e31400-eac4-49b7-986c-d198f0b97db7}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ssavEr bbOx
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Program Files (x86)\VNT
[!] Folder Deleted : C:\Program Files (x86)\EnhanceEmpire
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Johny\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\Johny\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Johny\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Johny\AppData\Local\VNT
Folder Deleted : C:\Users\Johny\AppData\Local\Temp\EnhanceEmpire
Folder Deleted : C:\Users\Johny\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
File Deleted : C:\Windows\System32\GroupPolicy\Machine\Registry.pol
File Deleted : C:\Windows\System32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys
File Deleted : C:\Users\Johny\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : Apps Hat Mini-chromeinstaller
Task Deleted : BrowserProtect
Task Deleted : EPUpdater
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKCU\Software\d57d88be13dbe45
Key Deleted : HKLM\SOFTWARE\d57d88be13dbe45
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e39519a5-9d10-478c-98d8-9c486f3190a4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\EnhanceEmpire
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\EnhanceEmpire
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EnhanceEmpire
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 en-US)
[ File : C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles\1ax2csqq.default\prefs.js ]
Line Deleted : user_pref("extensions.35ie.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"alert[...]
Line Deleted : user_pref("extensions.JRSd7nZba.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"[...]
Line Deleted : user_pref("extensions.dzi_7zGnnv.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.kango.storage.m2_k1", "6");
Line Deleted : user_pref("extensions.kango.storage.m2_k2", "100");
Line Deleted : user_pref("extensions.kango.storage.m2_k3", "1390863905606");
Line Deleted : user_pref("extensions.kango.storage.m2_k4", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1390864629721");
Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
*************************
AdwCleaner[R0].txt - [11732 octets] - [18/08/2014 22:36:35]
AdwCleaner[S0].txt - [11533 octets] - [18/08/2014 22:37:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11594 octets] ##########
Sorry that the RSIT log comes only after the JRT and ADW runs, but I didn't know where it had been saved,
so I ran it again.


Rsit:
Logfile of random's system information tool 1.10 (written by
random/random)
Run by Johny at 2014-08-18 22:49:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (7%) free of 295 GB
Total RAM: 3956 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:49:27, on 18.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\WakeWorker\WakeWorker.exe
C:\Program Files (x86)\Common Files\LightScribe
\LightScribeControlPanel.exe
C:\Users\Johny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Johny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+
Auto Backup.exe
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\WTClient.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ArcCon.ac
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster
\CloudSystemBooster.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Johny\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Johny.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:
\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-
0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:
\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-
A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-
9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:
\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:
\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech
Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager
\LManager.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple
\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero
BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe
\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common
Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe
\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files
(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe
\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop
\avgnt.exe" /min
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files
(x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files
(x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-
software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies
\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files
(x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime
\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG
USB-MIDI Driver\EsHelper2.exe /s
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira
\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools
Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WakeWorker] C:\Program Files (x86)\WakeWorker
\WakeWorker.exe -h
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Johny\AppData
\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Johny\AppData
\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -
AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files
(x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Johny\AppData\Local
\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files
(x86)\WhatPulse2\whatpulse.exe"
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie
\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft
\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Johny\AppData\Roaming\uTorrent
\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Johny\AppData\Local
\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar
\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar
\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: JDownloader.lnk = C:\Program Files (x86)\JDownloader
\JDownloaderPortable.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files
\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY
\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer
\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-
D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer
\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-
D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-
5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-
8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-
2923E76605DA} - C:\Program Files (x86)\Microsoft Office
\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-
4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office
\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-
46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office
\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-
9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software
\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM
\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files
\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files
\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program
Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:
\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program
Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} -
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:
\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) -
Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 9
Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe
Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM
\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows
\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows
\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop
\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop
\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations
GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) -
Anvisoft - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files
(x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira
Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira
\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:
\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo
Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon
\dragon_updater.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. -
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown
owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:
\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown
owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files
(x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files
(x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. -
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. -
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files
(x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner -
C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC
\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000
(IEEtwCollectorService) - Unknown owner - C:\Windows
\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows
\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files
(x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program
Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local
Management Service (LMS) - Intel Corporation - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: M-Audio Series II MIDI Installer
(MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files (x86)\M-
Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: McAfee Security Scan Component Host Service
(McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security
Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla
Foundation - C:\Program Files (x86)\Mozilla Maintenance Service
\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows
\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200
(NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files
(x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program
Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files
(x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown
owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) -
Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico
\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:
\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown
owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown
owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown
owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files
(x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files
(x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel
\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -
Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User
Notification Service (UNS) - Intel Corporation - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) -
M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner
- C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) -
Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) -
Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Unknown owner - C:
\Windows\System32\Drivers\WTSRV.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media
Player\wmpnetwk.exe (file missing)
--
End of file - 19861 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows
SharedSection=1024,20480,768 Windows=On SubSystemType=Windows
ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4
ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows
SharedSection=1024,20480,768 Windows=On SubSystemType=Windows
ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4
ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22276144
\??\C:\Windows\system32\conhost.exe "16478669021978202645-567517521-
10506926212535466101447597170-1470834971-1210462201
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACService.exe"
"c:\Program Files (x86)\Adobe\Elements 9 Organizer
\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS
\LMS.exe"
"C:\Program Files (x86)\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe"
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\IScheduleSvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
taskeng.exe {D3AA64B9-F4E4-4EFC-A20A-9E17C831BEFE}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
adb fork-server server
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe"
avshadowcontrol0_00000798
"C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe"
"C:\Windows\System32\Drivers\WTSRV.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3240
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerTray.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management
\ePowerEvent.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir
"C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program
Files (x86)\Steam\config\cookies" -steampid 3992 --blacklist-accelerated-
compositing --process-per-tab
"C:\Program Files (x86)\WakeWorker\WakeWorker.exe" -h
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-
780D8591C113}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"Apntex.exe"
"C:\Program Files\Apoint2K\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "1499701642-
143529409014152527356257277981096058751-2025634251-634280491-275823989
"C:\Program Files (x86)\Common Files\LightScribe
\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
szndesktop.exe default start
"C:\Users\Johny\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1579147385453772974931629912-
65750502813554364471447575830-1409298331326634671
"C:\Users\Johny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+
Auto Backup.exe" /autostart
"C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -
redirect
"C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup
\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe" -Xmx512m -
Dsun.java2d.d3d=false -jar "C:\Program Files (x86)\JDownloader
\JDownloader.jar"
"C:\Windows\System32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Windows\System32\WTClient.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin
\ACDaemon.exe"
ArcCon.ac 131614 0
"C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe" /s
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:/Program Files (x86)/Anvisoft/Cloud System
Booster/CloudSystemBooster.exe" /hide /autorun /svc
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth
Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
genie2_tray.exe -start _NETGEARGenieTray_{dc834a33-2533-41e1-a452-
b09be9fc1f6c}_1_
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-
process --channel="760.0.2116197964\1884049159" --supports-dual-gpus=false
--gpu-driver-bug-workarounds=0,1,14,28 --gpu-vendor-id=0x1002 --gpu-
device-id=0x68c1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --
gpu-driver-version=12.104.0.0 --ignored=" --type=renderer "
/prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --extension-process
--renderer-print-preview --enable-threaded-compositing --enable-
delegated-renderer --enable-deadline-scheduling --enable-software-
compositing --channel="760.2.1642546513\4001581" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-
preview --enable-threaded-compositing --enable-delegated-renderer --
enable-deadline-scheduling --enable-software-compositing --
channel="760.3.68430184\654259483" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --
type=renderer --lang=cs --force-
fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-
default/ChromeSuggestions/Most Likely with
Kodachrome/ExtensionInstallVerification/Enforce/GoogleNow/Default/Prerende
r/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPD
Y/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/Sho
wPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-
Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-
Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-
Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-
Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-
Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-
Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-
Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-
preview --enable-threaded-compositing --enable-delegated-renderer --
enable-deadline-scheduling --enable-software-compositing --
channel="760.4.785772413\1705234283" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi
--channel="760.7.91800130\854945158" --ppapi-flash-
args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer "
/prefetch:-632637702
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS
\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global
\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -
2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft
\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\splwow64.exe 8192
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-
AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
PriorityLow
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Johny\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe"
/installmethod=jau FAMILYUPGRADE=1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\SysWOW64\\msiexec.exe" /i "C:\Users\Johny\AppData\LocalLow
\Sun\Java\jre1.7.0_67\jre1.7.0_67-pfrom51-b13.msi" SPWEB=http://javadl-
esd.sun.com/update/1.7.0/sp-1.7.0_67-b01 METHOD=jau SKIPLICENSE=1 PROG=0
ENDDIALOG=0 SKIPLICENSE=1
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding
5ED471FC2EDB24C127BA32AD8181035F C
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Default/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_30/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UMAStability/SeparateLog/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="760.9.1876764748\133794101" /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\syswow64\MsiExec.exe -Embedding 24D0A01B18423E0531C9C00E96B686D9
"C:\Users\Johny\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 0ED0B2D78C451767E9F4559362B2868B M Global\MSI0000
"C:\Program Files (x86)\Java\jre7\\patchjre.exe" -s "C:\Program Files (x86)\Java\jre7"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1314750387-2638282084-1046222022-1000Core.job - C:\Users\Johny\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1314750387-2638282084-1046222022-1000UA.job - C:\Users\Johny\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles\1ax2csqq.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@graphisoft.com/GDL Web Plug-in]
"Description"=
"Path"=C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles\1ax2csqq.default\extensions\
abs@avira.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-07-27 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-07-27 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2013-10-12 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL [2014-01-23 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL [2014-07-27 1730256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-10-12 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-05-08 343424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-06-10 324608]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-29 11101800]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-10-22 325120]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-01-05 860040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-08-14 1937600]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"WakeWorker"=C:\Program Files (x86)\WakeWorker\WakeWorker.exe [2013-03-02 686080]
"cz.seznam.software.autoupdate"=C:\Users\Johny\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Johny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-08-07 3600728]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2013-01-16 2736128]
"Google+ Auto Backup"=C:\Users\Johny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]
"WhatPulse"=C:\Program Files (x86)\WhatPulse2\whatpulse.exe [2014-04-17 3054592]
"NETGEARGenie"=C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [2014-04-22 596480]
"CloudSystemBooster"=C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [2014-05-29 527544]
"uTorrent"=C:\Users\Johny\AppData\Roaming\uTorrent\uTorrent.exe [2014-06-13 1267536]
"Facebook Update"=C:\Users\Johny\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-11 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-06-29 263936]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-11 975952]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-05-08 41336]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-05-08 840568]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-07 751184]
"WTClient"=C:\Windows\system32\WTClient.exe [2009-10-30 32768]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2013-11-12 2532864]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"KORG USB-MIDI Driver"=C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2013-05-31 394096]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-14 190032]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Johny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
JDownloader.lnk - C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.CDV5"=cdv5codc.dll
"vidc.CLLC"=cllccodc.dll
"vidc.CUVC"=cuvccodc.dll
"vidc.CDVC"=cdvccodc.dll
"vidc.CDVH"=cdvhcodc.dll
"vidc.CMIC"=cmiccodc.dll
"vidc.CHQX"=chqxcodc.dll
"vidc.C210"=c210codc.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"midi5"=KORGUM64.DRV
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-18 22:37:28 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-08-18 22:36:34 ----D---- C:\AdwCleaner
2014-08-18 22:33:32 ----D---- C:\Program Files\trend micro
2014-08-18 22:33:31 ----D---- C:\rsit
2014-08-18 18:18:32 ----D---- C:\Windows\ERUNT
2014-08-18 02:30:50 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-18 02:30:50 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-18 02:30:49 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-18 02:30:49 ----A---- C:\Windows\system32\icardagt.exe
2014-08-18 02:30:47 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-18 02:30:47 ----A---- C:\Windows\system32\icardres.dll
2014-08-18 02:30:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-18 02:30:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-18 01:06:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-18 01:06:31 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-18 01:06:31 ----A---- C:\Windows\system32\msi.dll
2014-08-18 01:06:31 ----A---- C:\Windows\system32\authui.dll
2014-08-18 01:06:30 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-18 01:06:30 ----A---- C:\Windows\system32\msihnd.dll
2014-08-18 01:06:30 ----A---- C:\Windows\system32\consent.exe
2014-08-14 19:21:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 19:21:48 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 19:21:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 19:21:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 19:21:31 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 19:21:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 19:21:23 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 19:21:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 19:21:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 19:21:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 19:21:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 19:21:21 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 19:21:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 19:21:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 19:21:20 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 19:21:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 19:21:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 19:21:19 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 19:21:18 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 19:21:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 19:21:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 19:21:17 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 19:21:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 19:21:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 19:21:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 19:21:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 19:21:13 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 19:21:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 19:21:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 19:21:12 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 19:21:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 19:21:12 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 19:20:11 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 19:20:11 ----A---- C:\Windows\system32\aeinv.dll
2014-08-14 19:20:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 19:20:10 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-07 16:12:20 ----D---- C:\ProgramData\Package Cache
2014-08-06 18:38:01 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-08-06 18:38:01 ----A---- C:\Windows\system32\certsentry.dll
2014-08-06 18:37:40 ----D---- C:\Program Files (x86)\Comodo
2014-08-06 18:36:29 ----D---- C:\Program Files (x86)\DsNET Corp
2014-08-06 18:30:25 ----D---- C:\Program Files (x86)\freebird
2014-08-06 13:41:49 ----D---- C:\Users\Johny\AppData\Roaming\AIMP3
2014-08-06 13:41:43 ----D---- C:\Program Files (x86)\AIMP3
======List of files/folders modified in the last 1 month======
2014-08-18 22:49:28 ----D---- C:\Windows\Prefetch
2014-08-18 22:49:25 ----D---- C:\Windows\Temp
2014-08-18 22:49:25 ----D---- C:\Windows\SysWOW64
2014-08-18 22:49:25 ----D---- C:\Program Files (x86)\Java
2014-08-18 22:49:24 ----SHD---- C:\Windows\Installer
2014-08-18 22:49:24 ----SHD---- C:\Config.Msi
2014-08-18 22:48:36 ----SHD---- C:\System Volume Information
2014-08-18 22:48:00 ----D---- C:\Users\Johny\AppData\Roaming\uTorrent
2014-08-18 22:47:28 ----D---- C:\Program Files (x86)\JDownloader
2014-08-18 22:47:05 ----D---- C:\Windows\system32\config
2014-08-18 22:46:31 ----D---- C:\ProgramData\Origin
2014-08-18 22:46:18 ----D---- C:\Windows\System32
2014-08-18 22:46:18 ----D---- C:\Windows\inf
2014-08-18 22:46:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-18 22:45:57 ----D---- C:\Users\Johny\AppData\Roaming\Seznam.cz
2014-08-18 22:41:06 ----D---- C:\Program Files (x86)\Origin
2014-08-18 22:40:22 ----D---- C:\Program Files (x86)\Steam
2014-08-18 22:40:04 ----D---- C:\Program Files\KMSpico
2014-08-18 22:39:55 ----A---- C:\Windows\SYSWOW64\log.txt
2014-08-18 22:39:40 ----RD---- C:\Program Files (x86)
2014-08-18 22:38:08 ----D---- C:\Windows\system32\Tasks
2014-08-18 22:38:07 ----D---- C:\Windows\Tasks
2014-08-18 22:38:07 ----D---- C:\Windows\system32\drivers
2014-08-18 22:37:57 ----A---- C:\Windows\win.ini
2014-08-18 22:37:50 ----HD---- C:\ProgramData
2014-08-18 22:33:32 ----RD---- C:\Program Files
2014-08-18 20:29:33 ----D---- C:\Windows\rescache
2014-08-18 18:18:32 ----D---- C:\Windows
2014-08-18 18:06:57 ----D---- C:\Windows\Microsoft.NET
2014-08-18 18:06:11 ----RSD---- C:\Windows\assembly
2014-08-18 17:45:26 ----D---- C:\Windows\winsxs
2014-08-18 17:41:40 ----D---- C:\Windows\ehome
2014-08-18 17:41:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-18 17:41:23 ----D---- C:\Windows\system32\cs-CZ
2014-08-18 17:41:18 ----D---- C:\Program Files\Internet Explorer
2014-08-18 17:41:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-18 17:41:16 ----D---- C:\Windows\PolicyDefinitions
2014-08-18 17:41:15 ----D---- C:\Windows\system32\en-US
2014-08-18 17:41:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-18 02:53:56 ----D---- C:\ProgramData\Microsoft Help
2014-08-18 02:50:32 ----D---- C:\Windows\system32\catroot2
2014-08-18 02:50:32 ----D---- C:\Windows\system32\catroot
2014-08-18 02:29:58 ----SD---- C:\Windows\system32\CompatTel
2014-08-13 21:26:42 ----D---- C:\Program Files (x86)\The KMPlayer
2014-08-13 20:40:40 ----D---- C:\Windows\system32\wfp
2014-08-13 20:40:40 ----D---- C:\Windows\system32\DriverStore
2014-08-13 20:40:40 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-13 20:40:39 ----D---- C:\Windows\system32\wbem
2014-08-13 20:40:39 ----D---- C:\Windows\registration
2014-08-07 16:12:33 ----D---- C:\Program Files (x86)\Avira
2014-08-07 16:12:31 ----D---- C:\ProgramData\Avira
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-03 10:26:26 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-03 10:26:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-08-03 10:26:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-24 10:26:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-19 10:54:23 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-05 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-26 28600]
R1 cdrblock;cdrblock; C:\Windows\system32\DRIVERS\cdrblock.sys [2008-05-30 34360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-06 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2009-09-21 71040]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-07-01 117712]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-03-13 318464]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2012-11-19 11576]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-10-22 272432]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-02 4720704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-29 2445672]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
R3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys [2013-04-30 35344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 PTSimBus;PenTablet Bus Enumerator; C:\Windows\system32\DRIVERS\PTSimBus.sys [2009-06-18 27304]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2009-06-03 507392]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-06-10 40448]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-26 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-26 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-06-26 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-26 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-26 21544]
S3 cpuz136;cpuz136; \??\C:\Users\Johny\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-01-06 21712]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUM64.SYS [2013-05-31 34136]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 MAUSBMIDI;Service for M-Audio USB MIDI Series; C:\Windows\system32\DRIVERS\MAudioUSBMIDI.sys [2010-04-13 200200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PTSimHid;PenTablet Simulated HID MiniDriver; C:\Windows\system32\DRIVERS\PTSimHid.sys [2009-06-18 17064]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Tablet2k;Serial Tablet Port Driver; C:\Windows\System32\Drivers\Tablet2k.sys []
S3 TClass2k;Tablet Class Driver; C:\Windows\system32\DRIVERS\TClass2k.sys [2009-06-18 27304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 UCTblHid;HID Tablet Port Driver; C:\Windows\system32\DRIVERS\UCTblHid.sys [2009-06-18 22696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;Ovladač modemu USB; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S4 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-08-20 130816]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto,
3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files
\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; c:\Program
Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
[2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files
(x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows
\system32\atiesrxx.exe [2013-03-29 241152]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files
(x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-07 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira
\AntiVir Desktop\sched.exe [2014-08-07 430160]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira
\AntiVir Desktop\AVWEBGRD.EXE [2014-08-07 1021008]
R2 AnviCsbSvc;Anvi Cloud System Booster Speed Service; C:\Program Files
(x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2014-05-29 42680]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork
\Toolbar\apnmcp.exe [2014-06-14 165784]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software
\btwdins.exe [2010-06-25 952096]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files
(x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch
Manager\dsiwmis.exe [2010-08-11 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard
Bell Power Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell
\Registration\GREGsvc.exe [2010-01-08 23584]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe
[2009-12-16 3750400]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC
Sync Manager\HSMServiceEntry.exe [2013-11-10 87368]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:
\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2013-01-16
73728]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard
Bell\Packard Bell Updater\UpdaterService.exe [2011-01-31 244624]
R2 LMS;Intel(R) Management and Security Application Local Management
Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\LMS\LMS.exe [2010-03-03 268824]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Program
Files (x86)\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2007-01-08
94208]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program
Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR
Genie\bin\NETGEARGenieDaemon64.exe [2014-03-24 225792]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech
Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-29 255744]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV
\PanService\PandoraService.exe [2012-09-28 625304]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files
(x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-11-06 75136]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico
\Service_KMS.exe [2013-03-02 37888]
R2 UNS;Intel(R) Management & Security Application User Notification
Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe [2010-03-03 2320920]
R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program
Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872]
R3 Steam Client Service;Steam Client Service; C:\Program Files
(x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira
\My Avira\Avira.OE.ServiceHost.exe [2014-07-14 141392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google
\Update\GoogleUpdate.exe [2013-04-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater
\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:
\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08
262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent
Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe [2013-04-30 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common
\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-
1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:
\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09
289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files
(x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-24
119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files
\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common
Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012
-10-01 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe
\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe
[2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows
\system32\Wat\WatAdminSvc.exe [2013-05-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET
\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Johny on po 18.08.2014 at 18:18:41,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1314750387-2638282084-1046222022-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522032201}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522032201}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D01E1262-2461-46D4-B1EB-216C68FEF6DB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE7BDB3C-A04F-48E7-83FF-197F92A3DA0E}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Johny\appdata\locallow\minibar"
Successfully deleted: [Folder] "C:\Users\Johny\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"
~~~ FireFox
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\user.js
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\prefs.js
user_pref("browser.newtab.url", "hxxp://www2.delta-search.com/?affID=119816&tt=gc_&babsrc=NT_ss&mntrId=FA6BC4461913C182");
user_pref("extensions.35ie.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\"
user_pref("extensions.JRSd7nZba.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapa
user_pref("extensions.asktb.ff-original-keyword-url", "");
user_pref("extensions.crossrider.bic", "143da3c4f38543cfe5a2ffef81ec78a3");
user_pref("extensions.dzi_7zGnnv.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apap
user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.b
user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANU
Emptied folder: C:\Users\Johny\AppData\Roaming\mozilla\firefox\profiles\1ax2csqq.default\minidumps [217 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 18.08.2014 at 18:29:55,53
End of JRT log
ADWCleaner
# AdwCleaner v3.305 - Report created 18/08/2014 at 22:37:48
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Johny - JOHNY-PC
# Running from : C:\Users\Johny\Desktop\adwcleaner_3.305.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Update EnhanceEmpire
[#] Service Deleted : Util EnhanceEmpire
Service Deleted : {75e31400-eac4-49b7-986c-d198f0b97db7}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ssavEr bbOx
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Program Files (x86)\VNT
[!] Folder Deleted : C:\Program Files (x86)\EnhanceEmpire
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Johny\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\Johny\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Johny\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Johny\AppData\Local\VNT
Folder Deleted : C:\Users\Johny\AppData\Local\Temp\EnhanceEmpire
Folder Deleted : C:\Users\Johny\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
File Deleted : C:\Windows\System32\GroupPolicy\Machine\Registry.pol
File Deleted : C:\Windows\System32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys
File Deleted : C:\Users\Johny\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : Apps Hat Mini-chromeinstaller
Task Deleted : BrowserProtect
Task Deleted : EPUpdater
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKCU\Software\d57d88be13dbe45
Key Deleted : HKLM\SOFTWARE\d57d88be13dbe45
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e39519a5-9d10-478c-98d8-9c486f3190a4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\EnhanceEmpire
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\EnhanceEmpire
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EnhanceEmpire
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 en-US)
[ File : C:\Users\Johny\AppData\Roaming\Mozilla\Firefox\Profiles\1ax2csqq.default\prefs.js ]
Line Deleted : user_pref("extensions.35ie.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"alert[...]
Line Deleted : user_pref("extensions.JRSd7nZba.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"[...]
Line Deleted : user_pref("extensions.dzi_7zGnnv.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.kango.storage.m2_k1", "6");
Line Deleted : user_pref("extensions.kango.storage.m2_k2", "100");
Line Deleted : user_pref("extensions.kango.storage.m2_k3", "1390863905606");
Line Deleted : user_pref("extensions.kango.storage.m2_k4", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1390864629721");
Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\Johny\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
*************************
AdwCleaner[R0].txt - [11732 octets] - [18/08/2014 22:36:35]
AdwCleaner[S0].txt - [11533 octets] - [18/08/2014 22:37:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11594 octets] ##########
Sorry that the RSIT log was made only after running JRT and AdwCleaner, but I didn't know where it had been saved.

