Otravné stránky a kdo ví co ještě....

Zpráva

Kvazielektron · #1 Příspěvek od **Kvazielektron** » 09 pro 2015 22:07

Zdravím osazenstvo. Mohli byste mi pomoct s problémem ohledně prohlížeče Chromu?
Často mě to převádí na jiné stránky nebo to po mě chce odkliknout nějakou hloupost abych si
mohl prohlížet zvolenou stránku. Myslím že to nemusím více rozebírat, protože už jste se
s něčím takovým setkali.

Sice s obtížemi (chrom to nechtěl stáhnout, pak avast nechat spustit), ale i tak jsem byl schopný získat tenhle log.
Snad mi budete schopni poradit s chromem a když objevíte i jiné problémy taky bude dobře.
Předem děkuju za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Lukas (administrator) on LUKAS-VAIO (09-12-2015 20:07:49)
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas (Available Profiles: Lukas)
Platform: Windows 7 Ultimate (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\IB Updater\ExtensionUpdaterService.exe
(tsvr.com) C:\Users\Lukas\AppData\Roaming\TSv\TSvr.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(TFuns LIMITED) C:\ProgramData\8WdM8\WdMan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(forum.viry.cz) C:\Users\Lukas\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-11-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-07-25] (Google)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NI Update Service] => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [3004512 2011-11-02] (National Instruments)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-28] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\igfxcui:
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-06-30] (BitTorrent Inc.)
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\MountPoints2: {32896cd7-d4dd-11e2-8ae3-0024bec539e7} - D:\AutoRun.exe
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\MountPoints2: {666c1cbe-f9ba-11e1-a87c-0024bec539e7} - G:\AutoRun.exe
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\MountPoints2: {a6e01760-eb63-11e0-add1-0024bec539e7} - D:\autorun.exe
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\MountPoints2: {ed95dd2b-f97c-11e1-b8d7-0024bec539e7} - G:\AutoRun.exe
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\MountPoints2: {f86ca41f-06d8-11e2-80be-0024bec539e7} - G:\Startme.exe
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-07-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-28] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2013-01-06]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1129460984-616144676-2562209765-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24280 2011-06-01] (National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26328 2011-06-01] (National Instruments Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 93.95.32.2 8.8.8.8
Tcpip\..\Interfaces\{33E16AA4-7666-4C96-A7FD-CC130D4C0D78}: [DhcpNameServer] 93.95.32.2 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=144965 ... M1954M1954
HKU\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
URLSearchHook: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
URLSearchHook: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 - FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {0DE3A979-025E-4055-9C52-2ABF91C1B45C} URL = hxxp://www.zinio.com/search/index.jsp?s={searc ... yie8search
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {170DC629-71F2-46B8-8F2E-2BC8040AF2C7} URL = hxxp://uk.shopping.com/?linkin_id=8056359
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {5968B84D-E4F8-412B-ADD0-D98AAA4DCC52} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=HmVsI4vmOIaW8DWjBQ8kd4L4kPw?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {AA1E3BF9-95EC-4606-A74D-26CDF2406006} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=FV&apn_dtid=YYYYYYYYCZ&apn_uid=b251e225-3900-4f92-aac3-5331e8166435&apn_sauid=57BAAB37-4E8B-4835-904B-FFE14F06CBD5
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {B84156CD-1625-4F36-B025-96DAAA3FC3BF} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... EC_csCZ442
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6Oz0XlLhhC&i=26
SearchScopes: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> {E48CB6BC-CB83-4EFB-9F31-5F6B8FE6A7FD} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-28] (AVAST Software)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: No Name -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-28] (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - No Name - {5054562D-5247-006A-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - No Name - {5054562D-5247-006A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1129460984-616144676-2562209765-1000 -> No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14460490 ... M1954M1954

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-06-29] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\googledesktop.xml [2011-07-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-12-23] [not signed]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox [2013-03-03] [not signed]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-06-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks [2013-06-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-28]
FF HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF HKU\S-1-5-21-1129460984-616144676-2562209765-1000\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-03]
CHR Extension: (Dokumenty Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-03]
CHR Extension: (Disk Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Skype Click to Call) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-03]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-03]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-01-21]
CHR HKU\S-1-5-21-1129460984-616144676-2562209765-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\Lukas\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\Lukas\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Lukas\AppData\Roaming\PlusWinks\PlusWinks.crx [2013-06-11]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=144965 ... M1954M1954

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-28] (AVAST Software)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-07-25] (Google)
R2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2013-01-29] () [File not signed]
R2 IhPul; C:\Users\Lukas\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [68256 2011-05-27] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [362104 2011-06-14] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [194224 2011-06-01] (National Instruments Corporation)
R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-16] (Intel Corporation) [File not signed]
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <公司名>)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [821760 2009-11-25] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1165680 2009-10-30] (Sony Corporation)
R2 WdMan; C:\ProgramData\8WdM8\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-28] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-30] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7778176 2009-12-16] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-12-16] (Intel(R) Corporation) [File not signed]
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) [File not signed]
S3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2013-09-17] () [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U3 ar7xxx3q; C:\Windows\System32\Drivers\ar7xxx3q.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 ALSysIO; \??\C:\Users\Lukas\AppData\Local\Temp\ALSysIO64.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\drivers\btwrchid.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 20:07 - 2015-12-09 20:12 - 00033544 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-12-09 20:07 - 2015-12-09 20:07 - 00000000 ____D C:\FRST
2015-12-09 20:04 - 2015-12-09 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Lukas\Desktop\FRSTLauncher.exe
2015-12-09 19:48 - 2015-12-09 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Lukas\Downloads\FRSTLauncher.exe
2015-12-09 19:17 - 2015-12-09 19:19 - 02369024 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-12-09 16:58 - 2015-12-09 16:58 - 00326111 _____ C:\Users\Lukas\Downloads\bankdetails.pdf
2015-12-09 15:39 - 2015-12-09 20:01 - 00000001 _____ C:\Windows\SysWOW64\en.html
2015-12-09 09:38 - 2015-12-09 19:58 - 00000000 ____D C:\Program Files (x86)\SFK
2015-12-09 09:38 - 2015-12-09 09:39 - 00000000 ____D C:\ProgramData\8WdM8
2015-12-09 09:38 - 2015-12-09 09:38 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TSv
2015-12-09 09:37 - 2015-12-09 09:37 - 00000000 ____D C:\ProgramData\UWdMU
2015-12-05 10:25 - 2015-12-05 10:32 - 00026853 _____ C:\Users\Lukas\Downloads\mzdovy_list_11_2015-Luk.Masl..xlsx
2015-12-04 20:13 - 2015-12-04 20:13 - 00609587 _____ C:\Users\Lukas\Downloads\ZJ_MRL_0100_20160111 72.rar
2015-12-04 20:13 - 2015-12-04 20:13 - 00609587 _____ C:\Users\Lukas\Downloads\ZJ_MRL_0100_20160111 72 (1).rar
2015-12-04 20:13 - 2015-12-04 20:13 - 00000000 ____D C:\Users\Lukas\Downloads\ZJ_MRL_0100_20160111 72
2015-12-04 16:27 - 2015-12-04 16:27 - 00048566 _____ C:\Users\Lukas\Downloads\264036875_20151130_11_MCZB.pdf
2015-12-04 13:02 - 2015-12-04 13:02 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-04 13:02 - 2015-12-04 13:02 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 17:32 - 2015-12-02 17:32 - 00277728 _____ C:\Users\Lukas\Downloads\Lukas+Maslanak,+zivotopis+EN.pdf
2015-11-28 20:51 - 2015-11-28 20:51 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-28 20:51 - 2015-11-28 20:51 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-26 21:30 - 2015-11-26 21:31 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-24 16:13 - 2015-11-24 16:13 - 01293645 _____ C:\Users\Lukas\Downloads\damage-panel-s-indikatorem-3-verze-0-9-12[WoTportal.cz].rar
2015-11-24 16:13 - 2015-11-24 16:13 - 00000000 ____D C:\Users\Lukas\Downloads\damage-panel-s-indikatorem-3-verze-0-9-12[WoTportal.cz]
2015-11-21 08:58 - 2015-11-21 08:58 - 00048684 _____ C:\Users\Lukas\Downloads\151026_morava_plany_podzim.xlsx
2015-11-20 14:54 - 2015-11-20 14:54 - 00000795 _____ C:\Users\Lukas\Downloads\dopis
2015-11-20 13:07 - 2015-11-20 13:07 - 00000000 ____D C:\Users\Lukas\Downloads\wot-tweaker-plus-0-9-12[WoTportal.cz]
2015-11-20 13:07 - 2015-11-20 13:07 - 00000000 ____D C:\Users\Lukas\Downloads\standart-damage-panel-gambiter-0-9-12[WoTportal.cz]
2015-11-20 13:07 - 2015-11-20 13:07 - 00000000 ____D C:\Users\Lukas\Downloads\hitlog-0-9-12[WoTportal.cz]
2015-11-20 11:16 - 2015-11-20 11:16 - 00583338 _____ C:\Users\Lukas\Downloads\wot-tweaker-plus-0-9-12[WoTportal.cz].rar
2015-11-20 11:16 - 2015-11-20 11:16 - 00458802 _____ C:\Users\Lukas\Downloads\standart-damage-panel-gambiter-0-9-12[WoTportal.cz].rar
2015-11-20 11:16 - 2015-11-20 11:16 - 00117267 _____ C:\Users\Lukas\Downloads\hitlog-0-9-12[WoTportal.cz].rar
2015-11-19 10:39 - 2015-11-19 10:39 - 00000000 ____D C:\Users\Lukas\Downloads\ZJ_MRL_0100_20151201
2015-11-19 10:39 - 2015-11-19 10:39 - 00000000 ____D C:\Users\Lukas\Downloads\mod-kam-miri-nepratelsky-tank-0-9-12[WoTportal.cz]
2015-11-19 10:36 - 2015-11-19 10:36 - 00000000 ____D C:\Users\Lukas\Downloads\serverovy-zamerovac-zoom-zoomx-noscroll-0-9-12[WoTportal.cz]
2015-11-19 10:36 - 2015-11-19 10:36 - 00000000 ____D C:\Users\Lukas\Downloads\0.9.12
2015-11-17 17:28 - 2015-11-17 17:28 - 00085328 _____ C:\Users\Lukas\Desktop\záložky_17.11.15.html
2015-11-16 18:47 - 2015-11-16 18:47 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-11-16 18:46 - 2015-11-17 18:18 - 00000000 ____D C:\rei
2015-11-16 18:46 - 2015-11-17 15:49 - 00000000 ____D C:\Program Files\Reimage
2015-11-12 18:02 - 2015-11-12 18:07 - 00000000 ____D C:\Users\Lukas\Desktop\mobil

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 20:21 - 2011-07-25 19:05 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\uTorrent
2015-12-09 20:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-09 20:06 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 20:06 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 20:04 - 2015-01-17 15:00 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 20:01 - 2015-01-17 15:00 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 19:22 - 2015-10-02 22:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 19:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-09 18:49 - 2015-08-19 11:51 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\ObviousIdea
2015-12-09 09:38 - 2015-10-28 17:17 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-09 09:38 - 2014-04-24 17:34 - 00002376 _____ C:\Users\Lukas\Desktop\MAFIA II .lnk
2015-12-09 09:37 - 2015-10-28 17:17 - 00000000 ____D C:\ProgramData\gWMiniProg
2015-12-08 23:50 - 2011-07-27 18:15 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\TS3Client
2015-12-08 18:56 - 2015-10-19 07:47 - 00014894 _____ C:\Users\Lukas\Desktop\hodiny.xlsx
2015-12-08 18:34 - 2011-07-25 19:10 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{29A359CA-A3D2-4B10-AB97-448B8D8E4385}
2015-12-08 09:33 - 2012-09-07 13:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-06 08:07 - 2011-07-26 19:48 - 00102912 _____ C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-05 22:09 - 2011-07-25 22:04 - 00000000 ____D C:\Users\Lukas\Desktop\Torrenty
2015-12-04 12:59 - 2015-01-17 15:00 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 12:59 - 2015-01-17 15:00 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 17:34 - 2014-01-07 11:23 - 00000000 ____D C:\Users\Lukas\Desktop\Všechno možne
2015-11-28 20:51 - 2014-09-01 08:55 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-28 20:51 - 2014-09-01 08:55 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-28 20:51 - 2013-06-30 09:27 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-28 20:51 - 2013-06-30 09:27 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-28 20:51 - 2012-09-07 13:57 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-28 20:51 - 2012-09-07 13:51 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-28 20:51 - 2012-09-07 13:51 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-28 20:50 - 2012-09-07 13:51 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-26 21:31 - 2010-02-03 23:12 - 00000000 ____D C:\Windows\Panther
2015-11-25 20:45 - 2015-03-06 15:01 - 00000000 ____D C:\Users\Lukas\Desktop\Fotky
2015-11-20 21:46 - 2010-02-03 23:35 - 00672046 _____ C:\Windows\system32\perfh005.dat
2015-11-20 21:46 - 2010-02-03 23:35 - 00142610 _____ C:\Windows\system32\perfc005.dat
2015-11-20 21:46 - 2009-07-14 06:13 - 01591814 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-20 21:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-19 11:38 - 2015-01-27 09:21 - 00000000 ____D C:\Users\Lukas\Desktop\Funkční res mod
2015-11-17 19:32 - 2012-01-28 16:34 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2015-11-17 19:22 - 2015-10-02 22:26 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-17 19:22 - 2012-10-16 19:10 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-17 19:22 - 2011-09-05 15:12 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-17 18:50 - 2015-07-01 21:21 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-17 18:20 - 2011-07-25 19:07 - 00000000 ____D C:\Users\Lukas
2015-11-17 18:18 - 2015-10-28 17:17 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\istartsurf
2015-11-17 18:18 - 2015-07-10 10:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-17 18:18 - 2012-10-16 19:10 - 00000000 ____D C:\Windows\system32\Macromed
2015-11-17 18:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-11-12 18:01 - 2013-04-08 18:48 - 00000000 ____D C:\Users\Lukas\Desktop\Format Factory

==================== Files in the root of some directories =======

2014-12-10 19:19 - 2014-12-09 07:19 - 0000044 ____H () C:\Program Files (x86)\e6374727.tmp
2015-10-28 17:27 - 2015-10-28 17:27 - 0000053 _____ () C:\Users\Lukas\AppData\Roaming\Camdata.ini
2015-10-28 17:27 - 2015-10-28 17:27 - 0000408 _____ () C:\Users\Lukas\AppData\Roaming\CamLayout.ini
2015-10-28 17:27 - 2015-10-28 17:27 - 0000408 _____ () C:\Users\Lukas\AppData\Roaming\CamShapes.ini
2015-10-28 17:27 - 2015-10-28 17:27 - 0004549 _____ () C:\Users\Lukas\AppData\Roaming\CamStudio.cfg
2014-11-23 18:17 - 2014-11-23 18:33 - 0000702 _____ () C:\Users\Lukas\AppData\Roaming\Ping Monitor_Settings.ini
2013-06-30 18:42 - 2013-06-30 18:41 - 0030894 _____ () C:\Users\Lukas\AppData\Roaming\speedanalysis.ico
2015-03-20 22:46 - 2015-03-20 22:47 - 0011264 ___SH () C:\Users\Lukas\AppData\Roaming\Thumbs.db
2015-10-28 17:19 - 2015-10-28 17:19 - 0000096 _____ () C:\Users\Lukas\AppData\Roaming\version2.xml
2011-07-26 19:48 - 2015-12-06 08:07 - 0102912 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-06 13:50 - 2013-05-06 13:50 - 0004096 ____H () C:\Users\Lukas\AppData\Local\keyfile3.drm
2015-11-06 20:46 - 2015-11-06 20:46 - 0000852 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2011-07-27 12:21 - 2015-03-21 18:09 - 0007609 _____ () C:\Users\Lukas\AppData\Local\resmon.resmoncfg
2014-06-28 20:39 - 2014-06-28 20:39 - 0000041 ___SH () C:\ProgramData\.zreglib
2012-02-11 18:14 - 2012-02-11 18:14 - 0000000 _____ () C:\ProgramData\946cce535fc1af24b2e6f5999318191b_c
2015-10-28 17:17 - 2015-12-09 09:38 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\KMP_4.0.1.5.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2011-07-26 10:46] - [2015-10-01 08:50] - 0357888 ____A (Microsoft Corporation) 603E16265E3BEB4D7216E81CB23BBC70

C:\Windows\SysWOW64\dnsapi.dll
[2011-07-26 10:46] - [2015-10-01 08:50] - 0270336 ____A (Microsoft Corporation) 53472F8CE2B1135443BC01123924486E

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

Light Image Resizer 4.6.0.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.6.0.0 - ObviousIdea)
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lukas\Desktop" je 247473 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 09 pro 2015 22:39

Zdravím!

Z logu:

Velikost slozky "C:\Users\Lukas\Desktop" je 247473 MB.

To je příliš mnoho. Vytvořte v C:\Users\Lukas nový adresář, do něhož přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte pro snazší přístup zástupce té složky. V tomto stavu se zpomaluje start systému.

Pak spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Kvazielektron · #3 Příspěvek od **Kvazielektron** » 10 pro 2015 00:29

Další krok hotov:

# AdwCleaner v5.024 - Logfile created 10/12/2015 at 00:11:45
# Updated 07/12/2015 by Xplode
# Database : 2015-12-07.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Lukas - LUKAS-VAIO
# Running from : C:\Users\Lukas\Desktop\adwcleaner_5.024.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : IB Updater
[-] Service Deleted : SSFK
[-] Service Deleted : IhPul

***** [ Folders ] *****

[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\IB Updater
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\Desk 365
[-] Folder Deleted : C:\Program Files (x86)\incredibar.com
[-] Folder Deleted : C:\Program Files (x86)\Minibar
[-] Folder Deleted : C:\Program Files (x86)\VNT
[-] Folder Deleted : C:\Program Files (x86)\YourFileDownloader
[-] Folder Deleted : C:\Program Files (x86)\DeltaFix
[-] Folder Deleted : C:\Program Files (x86)\SFK
[!] Folder Not Deleted : C:\Program Files (x86)\YourFileDownloader
[-] Folder Deleted : C:\Program Files (x86)\Common Files\337
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\IBUpdaterService
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\ProgramData\ShopDroP
[-] Folder Deleted : C:\ProgramData\SoftSafe
[-] Folder Deleted : C:\ProgramData\Uniblue
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\AdBlocker Manger
[-] Folder Deleted : C:\ProgramData\FouN2Save
[-] Folder Deleted : C:\ProgramData\Fun2Savea
[!] Folder Not Deleted : C:\ProgramData\ShoPDrop
[-] Folder Deleted : C:\ProgramData\75a4e0a26efd57d6
[-] Folder Deleted : C:\ProgramData\8477147386869536726
[-] Folder Deleted : C:\ProgramData\gWMiniProg
[-] Folder Deleted : C:\ProgramData\coabphmfpdhckbffilkefdecfkpdpmpf
[-] Folder Deleted : C:\ProgramData\lbpldcdcgeapcpcicpkhbhdlnnlkmjji
[-] Folder Deleted : C:\ProgramData\lcnofbcfnoklafkhiknpchgcpdnbcgej
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\apn
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\genienext
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\Minibar
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\VNT
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\StormFall
[-] Folder Deleted : C:\Users\Lukas\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Lukas\AppData\LocalLow\incredibar.com
[-] Folder Deleted : C:\Users\Lukas\AppData\LocalLow\Minibar
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\newnext.me
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\PerformerSoft
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\pluswinks
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\SpeedAnalysis2
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\YourFileDownloader
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\TSv
[!] Folder Not Deleted : C:\Users\Lukas\AppData\Roaming\YourFileDownloader
[-] Folder Deleted : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\Extensions\ffxtlbr@babylon.com
[-] Folder Deleted : C:\Windows\SysWOW64\WNLT
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\ortmp

***** [ Files ] *****

[-] File Deleted : C:\user.js
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
[-] File Deleted : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] File Deleted : C:\Users\Lukas\daemonprocess.txt
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\speedanalysis.ico
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\searchplugins\WebSearch.xml
[-] File Deleted : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\user.js
[-] File Deleted : C:\Windows\SysNative\roboot64.exe

***** [ DLLs ] *****

[-] File Disinfected : C:\Windows\SysNative\dnsapi.dll
[-] File Disinfected : C:\Windows\SysWOW64\dnsapi.dll

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : RunAsStdUser

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\iLivid.torrent
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\I
[-] Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
[-] Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [BackgroundHost.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD [BackgroundHost.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D6598005-A921-4F83-B6E6-F4F030D1BF37}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F6ECBD3-98B1-4044-8520-69407A70C83C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8A41F062-A222-4322-A8C4-26218BE869B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0207057-3461-4F7F-B689-D016B7A03964}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C6A61AAE-D30B-4E7A-A3D8-8A34E5BA3414}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F19EF48-CB8C-416A-B84C-C33B02970632}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{382F6195-1B46-40D5-B9FD-0493263E6132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4F9AD2F2-3A64-470E-93F7-A03423E52ACA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A7C2FCDD-0359-49DD-8339-BE2A5BD60918}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5054562D-5247-006A-76A7-7A786E7484D7}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F6ECBD3-98B1-4044-8520-69407A70C83C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8A41F062-A222-4322-A8C4-26218BE869B9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0207057-3461-4F7F-B689-D016B7A03964}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C6A61AAE-D30B-4E7A-A3D8-8A34E5BA3414}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F19EF48-CB8C-416A-B84C-C33B02970632}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{382F6195-1B46-40D5-B9FD-0493263E6132}
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5054562D-5247-006A-76A7-7A786E7484D7}]
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\filescout
[-] Key Deleted : HKCU\Software\ilivid
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\incredibar.com
[-] Key Deleted : HKCU\Software\Minibar
[-] Key Deleted : HKCU\Software\smarttweak
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\YourFileDownloader
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\VNT
[-] Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Desksvc
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\IB Updater
[-] Key Deleted : HKLM\SOFTWARE\incredibar.com
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\Minibar
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[!] Key Not Deleted : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Key Deleted : HKLM\SOFTWARE\YourFileDownloader
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
[-] Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
[-] Key Deleted : HKU\.DEFAULT\Software\VNT
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA1E3BF9-95EC-4606-A74D-26CDF2406006}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.thesearchpage.info/?pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://websearch.thesearchpage.info/?pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74&l=1&q=");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.thesearchpage.info/?pid=20462&r=2015/01/08&hid=15251881281741770283&lg=EN&cc=US&unqvl=74&l=1&q=");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[-] [C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [26904 bytes] ##########

Jak bych měl postupovat dál? Pár témat jsem si prošel, takže vím, že nejde zrovna o sprint

.

Kvazielektron · #4 Příspěvek od **Kvazielektron** » 10 pro 2015 08:03

+ jsem našel nějaké složky co program přesunul do "quarantine" ty mám nechat tak, nebo je jde taky nějak pořešit.
Jde jen o 75 MB z oblastí Program files, program files 86, Program data, rei, Useres, Windows a nějaký user.js.vir

#5 Příspěvek od **JaRon** » 10 pro 2015 10:31

pokial sa objavi Rudy, este urob toto - citat:
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

a napis, ci su nejake problemy

Kvazielektron · #6 Příspěvek od **Kvazielektron** » 10 pro 2015 11:59

Tak už jsem provedl další krok jak jste mě navedl a tady je výpis z logu.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Lukas (Administrator) on źt 10.12.2015 at 11:50:40,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Successfully deleted: C:\Users\Lukas\AppData\Roaming\getrighttogo (Folder)
Successfully repaired: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk (Shortcut)
Successfully repaired: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk (Shortcut)

Deleted the following from C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js
user_pref(browser.search.order.1,S, WebSearch);
user_pref(browser.search.defaultenginename,S, WebSearch);
user_pref(browser.search.selectedEngine,S, WebSearch);

Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\CustomizeSearch (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10.12.2015 at 11:57:46,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#7 Příspěvek od **JaRon** » 10 pro 2015 13:50

ak nie su problemy - tak:
citat:
•Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
•Oznacte jen moznost "Remove disinfection tools"
•kliknete na Run

Kvazielektron · #8 Příspěvek od **Kvazielektron** » 10 pro 2015 13:55

Není dobré všechno nechat těmi programy ještě jednou projít? U některých se mi stává, že když je hodně problémů, tak při opětovném spuštění ještě nějaký najdou. Jinak zatím se to zdá být už v pořádku.

#9 Příspěvek od **JaRon** » 10 pro 2015 14:12

nevidim dovod opakovat kontroly
a ADWCleaner je najlepsie mat cerstvy

Kvazielektron · #10 Příspěvek od **Kvazielektron** » 10 pro 2015 14:30

Vypadá to, že problém byl odstraněn a za to vám opravdu děkuju, už bylo otravné hledat něco na internetu.
Jen si musím přeinstalovat chrome. Při jeho startu mě to hodí úvodní stránkuhttp://www.yoursites123.com/?type=sc&ts ... M1954M1954

a zaboha se toho nemůžu zbavit, smazal jsem to i v nastavení a pořád se to objevuje.

#11 Příspěvek od **JaRon** » 10 pro 2015 14:42

pouzi zoek http://forum.viry.cz/viewtopic.php?f=13 ... k#p1427849

#12 Příspěvek od **cernohous13** » 10 pro 2015 14:47

Zdravím

zkontroluj toto - klik pravým na ikonu Chrome - Vlastnosti
okénko "Cíl" občas se tam skrývá dodatek

Kvazielektron · #13 Příspěvek od **Kvazielektron** » 10 pro 2015 15:15

cernohous13 píše:Zdravím

zkontroluj toto - klik pravým na ikonu Chrome - Vlastnosti
okénko "Cíl" občas se tam skrývá dodatek

Zoek zrovna běží, ten cíl jsem našel, ale co tam místo toho naškrábat?

co se tam píše když si chci zadat něco z rozhraní v chromu? a nejde o stránku. Třeba nová karta.

#14 Příspěvek od **cernohous13** » 10 pro 2015 16:27

Pokud tam nemáš přidáno za ... chrome.exe" http://www.yoursites123.com tak je problém jinde
ostatní nastavení musíš pohledat přímo v Chrome (nemám tak neporadím)

Kvazielektron · #15 Příspěvek od **Kvazielektron** » 10 pro 2015 16:36

Zoek vyřešil ten problém za mě, tady je výpis z logu.

Zoek.exe v5.0.0.1 Updated 09-December-2015
Tool run by Lukas on źt 10.12.2015 at 15:09:32,35.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lukas\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10.12.2015 15:11:25 Zoek.exe System Restore Point Created Successfully.

==== Hosts Hijacker detected ======================

C:\Windows\sysnative\evo\baf\ocoux.dat

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\EA Sports deleted successfully
C:\PROGRA~2\ElcomSoft deleted successfully
C:\PROGRA~2\LucasArts deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\SlySoft deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\PDF Architect 3 deleted successfully
C:\PROGRA~3\Roxio deleted successfully
C:\PROGRA~3\Solidshield deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\Lukas\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Lukas\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Lukas\AppData\Local\EmieSiteList deleted successfully
C:\Users\Lukas\AppData\Local\EmieUserList deleted successfully
C:\Users\Lukas\AppData\Local\Sparta deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully
HKEY_USERS\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1129460984-616144676-2562209765-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== File Information Results ======================

--- C:\windows\SysNative\dnsapi.dll ---
Company: Microsoft Corporation
File Description: DNS Client API DLL
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. Všechna práva vyhrazena.
Original Filename: dnsapi
File type: ----a-w-
File size: 357888
Created time: 2011-07-26 09:46:01
Modified time: 2011-03-03 06:12:54
MD5: DCC0888655823103F19EF8FFD330080D
SHA1: 837256EDA1A57E074307C32001C76D981B0B193B

--- C:\Windows\syswow64\dnsapi.dll ---
Company: Microsoft Corporation
File Description: DNS Client API DLL
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. Všechna práva vyhrazena.
Original Filename: dnsapi
File type: ----a-w-
File size: 270336
Created time: 2011-07-26 09:46:01
Modified time: 2011-03-03 05:12:25
MD5: 1F79F611109C2B97260B68FD6B4FC7DD
SHA1: DAC0EA0D22C8E5F810677DE22A32715C52BA693D

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js:

Added to C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\EA Sports not found
C:\PROGRA~2\ElcomSoft not found
C:\PROGRA~2\LucasArts not found
C:\PROGRA~2\Seznam.cz not found
C:\PROGRA~2\SlySoft not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Windows\syswow64\appdata deleted
C:\PROGRA~3\Battle.net deleted
C:\Users\Lukas\.android deleted
C:\PROGRA~2\e6374727.tmp deleted
C:\extensions.sqlite deleted
C:\found.000 deleted
C:\Users\Lukas\AppData\Roaming\sparta111 deleted
C:\Users\Lukas\AppData\Roaming\Ping Monitor_Settings.ini deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Lukas\AppData\Local\cache deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Lukas\Desktop\Brothersoftdownloader_for_AutoClick.exe deleted
C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks deleted
C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com deleted
"C:\ProgramData\946cce535fc1af24b2e6f5999318191b_c" deleted

==== Files Found C:\Windows\*dnsapi.dll* ======================

2009-07-14 01:15:12 269824 ----a-w- 6D5A49D6479EB753C7879F73A4C35E0F C:\Windows\winsxs\WO43B1~1.163\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
2009-07-14 01:40:31 356352 ----a-w- 05A2D26ACF0939A4E97160315F1FA12E C:\Windows\winsxs\AME03D~1.163\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
2010-02-03 22:33:59 15360 ----a-w- 58A0161D02A867EF4B72B0123FCB9CA0 C:\Windows\System32\cs-CZ\dnsapi.dll.mui --- C:\Windows\System32\cs-CZ\dnsapi.dll.mui
2010-02-03 22:33:59 15360 ----a-w- 58A0161D02A867EF4B72B0123FCB9CA0 C:\Windows\winsxs\AM63AD~1.163\DNSAPI~1.MUI --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_d59d1415119aca73\dnsapi.dll.mui
2010-02-03 22:34:04 15360 ----a-w- B57BA802B0118458D45B82FDC396CDF8 C:\Windows\SysWOW64\cs-CZ\dnsapi.dll.mui --- C:\Windows\SysWOW64\cs-CZ\dnsapi.dll.mui
2010-02-03 22:34:04 15360 ----a-w- B57BA802B0118458D45B82FDC396CDF8 C:\Windows\winsxs\WOBDB0~1.163\DNSAPI~1.MUI --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_dff1be6745fb8c6e\dnsapi.dll.mui
2010-02-03 22:34:57 15360 ----a-w- B57BA802B0118458D45B82FDC396CDF8 C:\Windows\winsxs\Backup\WO8EAC~1.MUI --- C:\Windows\winsxs\Backup\wow64_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_dff1be6745fb8c6e_dnsapi.dll.mui_97465f8a
2010-02-03 22:34:59 15360 ----a-w- 58A0161D02A867EF4B72B0123FCB9CA0 C:\Windows\winsxs\Backup\AM2F18~1.MUI --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_d59d1415119aca73_dnsapi.dll.mui_97465f8a
2010-11-20 12:18:32 270336 ----a-w- 59DF156711A76BCB993253EC6C9BBF41 C:\Windows\winsxs\WOE69B~1.175\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
2010-11-20 13:26:06 357888 ----a-w- A52B6CC24063CC83C78C0E6F24DEEC01 C:\Windows\winsxs\AMCF33~1.175\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
2011-03-03 05:12:25 270336 ----a-w- 1F79F611109C2B97260B68FD6B4FC7DD C:\Windows\SysWOW64\dnsapi.dll --- C:\Windows\SysWOW64\dnsapi.dll
2011-03-03 05:12:25 270336 ----a-w- 1F79F611109C2B97260B68FD6B4FC7DD C:\Windows\winsxs\WO4E34~1.216\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
2011-03-03 05:29:23 269824 ----a-w- 62390F4ACE9E2B63E3CA26B7F7497897 C:\Windows\winsxs\WOF142~1.167\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3\dnsapi.dll
2011-03-03 05:38:01 270336 ------w- B40420876B9288E0A1C8CCA8A84E5DC9 C:\Windows\winsxs\WOC8D6~1.175\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
2011-03-03 05:50:45 270336 ----a-w- 11DD7EB4446F25C132D0D8527DDCAF4D C:\Windows\winsxs\WOF7AA~1.209\dnsapi.dll --- C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac\dnsapi.dll
2011-03-03 06:12:54 357888 ----a-w- DCC0888655823103F19EF8FFD330080D C:\Windows\System32\dnsapi.dll --- C:\Windows\System32\dnsapi.dll
2011-03-03 06:12:54 357888 ----a-w- DCC0888655823103F19EF8FFD330080D C:\Windows\winsxs\AME967~1.216\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
2011-03-03 06:17:09 356352 ----a-w- E247E7DEB20C0CF0801A8AC39E9CE1DF C:\Windows\winsxs\AM1DB0~1.167\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsapi.dll
2011-03-03 06:23:37 356864 ----a-w- B538E393F7FD85A054106FF21A4240EA C:\Windows\winsxs\AMB72B~1.209\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsapi.dll
2011-03-03 06:24:15 357888 ------w- 492D07D79E7024CA310867B526D9636D C:\Windows\winsxs\AM59C1~1.175\dnsapi.dll --- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
2011-09-15 10:08:27 270336 ----a-w- B40420876B9288E0A1C8CCA8A84E5DC9 C:\Windows\winsxs\Backup\WO65AD~1.DLL --- C:\Windows\winsxs\Backup\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1_dnsapi.dll_c81f5791
2011-09-15 10:08:58 357888 ----a-w- 492D07D79E7024CA310867B526D9636D C:\Windows\winsxs\Backup\AMD19B~1.DLL --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6_dnsapi.dll_c81f5791

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\lb558846.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [28.11.2015 20:51]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.11.2015 20:50]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10.10.2011 11:09]
lpgjmggepafkhenaeknpnjiceakbedpi - C:\Users\Lukas\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lpgjmggepafkhenaeknpnjiceakbedpi - C:\Users\Lukas\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx[]

Avast Online Security - Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Fix ======================

C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_finderr.net_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_finderr.net_0.localstorage-journal deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
"Search Page"="http://www.yoursites123.com/web/?type=d ... earchTerms}"
"Default_Page_URL"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
"Default_Search_URL"="http://www.yoursites123.com/web/?type=d ... earchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
"Start Page"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
"Start Page"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.yoursites123.com/?type=hp&ts ... M1954M1954"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} - http://www.yoursites123.com/web/?type=d ... earchTerms}
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{0DE3A979-025E-4055-9C52-2ABF91C1B45C} - http://www.zinio.com/search/index.jsp?s ... yie8search
HKCU\SearchScopes\{170DC629-71F2-46B8-8F2E-2BC8040AF2C7} - http://uk.shopping.com/?linkin_id=8056359
HKCU\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} - http://www.yoursites123.com/web/?type=d ... earchTerms}
HKCU\SearchScopes\{5968B84D-E4F8-412B-ADD0-D98AAA4DCC52} - http://rover.ebay.com/rover/1/710-42480 ... earchTerms}
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - http://127.0.0.1:4664/search&s=HmVsI4vm ... earchTerms}
HKCU\SearchScopes\{B84156CD-1625-4F36-B025-96DAAA3FC3BF} - http://www.google.com/search?sourceid=i ... EC_csCZ442
HKCU\SearchScopes\{E48CB6BC-CB83-4EFB-9F31-5F6B8FE6A7FD} - http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
HKCU\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKCU\Wow6432Node\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} - http://search.22find.com/web/?utm_sourc ... 1360145811

==== Reset Google Chrome ======================

C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lukas\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Lukas\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Lukas\Desktop\Downloads.lnk - C:\Users\Lukas\Downloads
C:\Users\Lukas\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Lukas\Desktop\GoldWave.lnk - C:\Program Files (x86)\GoldWave\GoldWave.exe
C:\Users\Lukas\Desktop\KMPlayer.lnk - C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
C:\Users\Lukas\Desktop\Light Image Resizer 4.lnk - C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
C:\Users\Lukas\Desktop\MAFIA II .lnk - C:\Program Files (x86)\2K Games\Mafia II\launcher.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\Desktop\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\Lukas\Desktop\Pharaoh.lnk - C:\SIERRA\Pharaoh\Pharaoh.exe /cd=E:\
C:\Users\Lukas\Desktop\PingPlotter Freeware.lnk - C:\Users\Lukas\AppData\Roaming\Microsoft\Installer\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}\PingPlotter.ico
C:\Users\Lukas\Desktop\res_mods – zástupce.lnk -
C:\Users\Lukas\Desktop\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lukas\Desktop\swkotor.exe – zástupce.lnk -
C:\Users\Lukas\Desktop\Torrenty – zástupce.lnk -
C:\Users\Lukas\Desktop\VŠECHNO.lnk -
C:\Users\Lukas\Desktop\World of tanks.lnk - C:\Games\World_of_Tanks\WoTLauncher.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Public\Desktop\BS.Player PRO.lnk - C:\Program Files (x86)\Webteh\BSplayerPro\bsplayer.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Defraggler.lnk - C:\Program Files (x86)\Defraggler\Defraggler64.exe
C:\Users\Public\Desktop\Heroes of Might and Magic 3 Complete.lnk - C:\Program Files (x86)\GOG.com\Heroes of Might and Magic 3 Complete\gogwrap.exe GOGHOMM3COMPLETE
C:\Users\Public\Desktop\MP Navigator 2.0.lnk - C:\Program Files (x86)\Canon\MP Navigator 2.0\mpn20.exe
C:\Users\Public\Desktop\Reduce PDF Size.lnk - C:\Program Files (x86)\Reduce PDF Size\reducepdfsize.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe
C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\SONY\Sony PC Companion\PCCompanion.exe
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe
C:\Users\Public\Desktop\Verdict Free.lnk - C:\Program Files (x86)\Verdict Free\Verdict.exe
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Public\Desktop\X7 Oscar Editor.lnk - C:\Windows\Installer\{0F3BEAD5-4368-4CBC-9876-11B8475DE285}\OscarEditor.exe11_0F14F9C2D4AF42B6A57941A7B952E98E.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\ Star Wars Knights of the Old Republic.lnk - G:\LucasArts\SWKotOR\launcher.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\ Update Star Wars Knights of the Old Republic.lnk - G:\LucasArts\SWKotOR\swupdate.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\EULA.txt.lnk - G:\LucasArts\SWKotOR\docs\EULA.txt
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\ReadMe-KotOR.txt.lnk - G:\LucasArts\SWKotOR\docs\ReadMe-KotOR.txt
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\Star Wars Knights of the Old Republic Troubleshooting Guide.lnk - G:\LucasArts\SWKotOR\docs\KotOR Troubleshooting.rtf
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\Uninstall Star Wars Knights of the Old Republic.lnk - C:\Program Files (x86)\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\Setup.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk - C:\Program Files (x86)\Webteh\BSplayerPro\bsplayer.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Light Image Resizer 4.lnk - C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.yoursites123.com/?type=sc&ts ... M1954M1954
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Správce úloh systému Windows.lnk -

==== shortcuts After Repair ======================

C:\Users\Lukas\Desktop\MAFIA II .lnk - C:\Program Files (x86)\2K Games\Mafia II\launcher.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LucasArts\Star Wars Knights of the Old Republic\ Star Wars Knights of the Old Republic.lnk - G:\LucasArts\SWKotOR\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E9E05D79-8DD2-8901-2A58-DD12D103CDFB} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Lukas\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=263 folders=76 28191411 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lukas\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lukas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on źt 10.12.2015 at 16:28:48,83 ======================

Podle těch masivních logů, jsem tam měl asi solidní bo.del co? Vypadá to, že hlavní problémy jste mi pánové pomohli zdárně vyřešit.
Jestli vás napadá ještě něco co bych mohl mít zabo.delené, tak mi poraďte co udělat. Jsem si jistý, že problému tu bude jak máku, jen je sám nedokážu rozpoznat.

VIRY.CZ

Otravné stránky a kdo ví co ještě....

Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....

Re: Otravné stránky a kdo ví co ještě....