Jenxcus-D, Flash-Disky
Napsal: 02 lis 2016 19:31
Ahoj, mám problém spočívající v tom že mě požádala tchýně že má velmi pomalý PC a seká se jí při běžném používání PC (intetnet, word,excel) jestli si má koupit nový (nějaké 2 jádro 2gb Ram)- nebo co s tim má ,řikám zkusíme naformátovat - řiká nemám CD win - tak jsem stáhl nějaké jen na zkoušku zda to půjde normálně nebo se PC vyhodí vše si zálohovala na flashky, po instalaci PC šlapalo pěkně do té doby něž se vložila flashka - ihned avast začal házet zablokovanou hrozbu jentxcus-d a ve všem(soubory, fotky, videa....)-flashka po vložení ukazuje prázdno ale pořád by to tam mělo být - dle zaplněnosti a i když dám ve virové truhle obnovit tak se to tam ukáže. ale má to tak 1-2kb- jde mi o to zachárnit ty věci na těch fleškách o systém v PC vůbec...našel jsem tu nějakou radu o usbfixu ale reaději se zeptám opravdu je životně důležité to zachránit 
Díky za rady
ještě nějaký ten log
Logfile of random's system information tool 1.10 (written by random/random)
Run by pc at 2016-11-02 19:05:13
Microsoft Windows 8.1
System drive C: has 26 GB (51%) free of 50 GB
Total RAM: 1791 MB (26% free)
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default\searchplugins\
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-30 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-30 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoKMS"=C:\Windows\AutoKMS.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\pc\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"KMS Activator all windows 8"=wscript.exe //B C:\Users\pc\AppData\Local\Temp\KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs []
"WH2R0CM3ST"=C:\Users\pc\AppData\Local\Temp\TOI8V7EON\TOI8V7EON.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-24 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-30 9099440]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pcmgr"=C:\Program Files (x86)\badu\Uninst.exe []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs
Microsoft Update.lnk - C:\Users\pc\AppData\Local\Temp\M3.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k Tibeingshadaing
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {501ecafb-0e0e-4d33-980897ef0495133b}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
szndesktop.exe default start
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\pc\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Windows\SYSWOW64\WSCRIPT.EXE" "C:\Users\pc\AppData\Local\Temp\KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\splwow64.exe 8192
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="1788.0.1259616913\517648267" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1788 "\\.\pipe\gecko-crash-server-pipe.1788" tab
"C:\Users\pc\Desktop\RSITx64.exe"
"C:\Windows\System32\Taskmgr.exe" /3
=========Mozilla firefox=========
ProfilePath - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
Díky za radyještě nějaký ten log
Logfile of random's system information tool 1.10 (written by random/random)
Run by pc at 2016-11-02 19:05:13
Microsoft Windows 8.1
System drive C: has 26 GB (51%) free of 50 GB
Total RAM: 1791 MB (26% free)
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default\searchplugins\
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-30 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-30 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoKMS"=C:\Windows\AutoKMS.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\pc\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"KMS Activator all windows 8"=wscript.exe //B C:\Users\pc\AppData\Local\Temp\KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs []
"WH2R0CM3ST"=C:\Users\pc\AppData\Local\Temp\TOI8V7EON\TOI8V7EON.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-24 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-30 9099440]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pcmgr"=C:\Program Files (x86)\badu\Uninst.exe []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs
Microsoft Update.lnk - C:\Users\pc\AppData\Local\Temp\M3.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k Tibeingshadaing
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {501ecafb-0e0e-4d33-980897ef0495133b}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
szndesktop.exe default start
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\pc\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Windows\SYSWOW64\WSCRIPT.EXE" "C:\Users\pc\AppData\Local\Temp\KMS Activator all windows 8.1 (Crack-kegen-serial) .vbs"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\splwow64.exe 8192
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="1788.0.1259616913\517648267" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1788 "\\.\pipe\gecko-crash-server-pipe.1788" tab
"C:\Users\pc\Desktop\RSITx64.exe"
"C:\Windows\System32\Taskmgr.exe" /3
=========Mozilla firefox=========
ProfilePath - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\82l8gnl8.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
