Findings in MBAM

#1 Post by antal »

Please advise on the next step: I ran a scan with mbar and MBAM (I am attaching the log; I don't know whether I can remove the items):
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.10.15.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
BENESL :: M898 [administrátor]

Ochrana: Povolena

15.10.2013 13:05:28
MBAM-log-2013-10-15 (13-20-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 331720
Uplynulý čas: 10 minut, 51 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Nebyla provedena žádná instrukce.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT3298566) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 6
C:\ProgramData\TheBflix (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\downloads (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 17
C:\Users\benesl\Downloads\Express_Installer.exe (PUP.Optional.iBryte) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Local\Conduit\CT3072253\uTorrentControl2AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SkywalkerSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[5].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HHW5ACX9\WSSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\bhoclass.dl (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\ljbceobghndkodeejhkhhlbfkehapdpe.crx (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\profile.ini (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\runtime.dll (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104\PCSU_SL_3.1.2.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)
For completeness, I am also attaching the log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by BENESL at 2013-10-15 13:26:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 53 GB (35%) free of 152 GB
Total RAM: 1982 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:20, on 15.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Users\benesl\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\BENESL.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3298566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen] "C:\Windows\system32\Rundll32.exe" "C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: EarthDesk.lnk = C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
O4 - Global Startup: Microsoft Outlook 2010.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\Software\..\Telephony: DomainName = nkp.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = nkp.cz
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Kaspersky Lab Network Agent (klnagent) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3231.tmp
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 12899 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Product InstallerIdle.job
C:\Windows\tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 61&UM=2&q="

"quickprint@hp.com"=C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\Web Assistant\Firefox
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\extensions\
{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\searchplugins\
askcom.xml
mixidj-v30-customized-web-search.xml
MyStart Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2013-05-02 241464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-24 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2013-05-02 696000]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2008-02-15 405504]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2012-04-18 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2013-09-16 295512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-14 21416]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-11-07 39408]
"ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen"=C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll [1617-11-28 287008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe

C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EarthDesk.lnk - C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun_KL_notset"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-15 13:03:13 ----D---- C:\Users\benesl\AppData\Roaming\Malwarebytes
2013-10-15 13:02:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-15 13:02:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-15 12:25:30 ----D---- C:\ProgramData\Malwarebytes
2013-10-15 12:25:20 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 12:25:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-15 12:23:49 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-11 13:58:16 ----D---- C:\rsit
2013-10-11 13:58:16 ----D---- C:\Program Files\trend micro
2013-10-11 04:29:15 ----D---- C:\Windows\rescache
2013-10-11 03:16:52 ----SHD---- C:\Config.Msi
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 03:14:03 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:14:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 03:14:01 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 03:13:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 03:13:58 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 03:13:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 00:46:41 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 00:46:40 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 00:46:37 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 00:46:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 00:46:36 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 00:46:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 00:46:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 00:46:26 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 00:46:21 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 00:46:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 00:45:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 00:45:23 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 02:37:22 ----D---- C:\Program Files\Mozilla Firefox
2013-10-07 14:20:20 ----D---- C:\ProgramData\Conduit
2013-10-07 13:54:37 ----D---- C:\Users\benesl\AppData\Roaming\Mirillis
2013-10-07 13:54:37 ----D---- C:\ProgramData\Mirillis
2013-10-07 13:51:17 ----D---- C:\Program Files\Mirillis
2013-10-04 12:41:39 ----A---- C:\Windows\system32\FAP51E5.tmp
2013-10-04 12:27:43 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-04 10:56:39 ----D---- C:\Program Files\Enigma Software Group
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-09-27 12:53:18 ----D---- C:\Program Files\FDRLab
2013-09-20 08:46:49 ----D---- C:\Program Files\AntiTwin
2013-09-17 15:34:51 ----D---- C:\Program Files\DebugMode
2013-09-16 08:12:31 ----D---- C:\Program Files\RealNetworks
2013-09-16 08:12:30 ----D---- C:\ProgramData\RealNetworks
2013-09-16 08:11:14 ----D---- C:\Program Files\Common Files\xing shared

======List of files/folders modified in the last 1 month======

2013-10-15 13:26:20 ----D---- C:\Windows\Temp
2013-10-15 13:26:20 ----D---- C:\Windows\Prefetch
2013-10-15 13:15:22 ----D---- C:\Windows\system32\config
2013-10-15 13:04:42 ----D---- C:\Windows\system32\drivers
2013-10-15 13:02:34 ----RD---- C:\Program Files
2013-10-15 12:54:22 ----D---- C:\Windows\system32\Tasks
2013-10-15 12:54:17 ----D---- C:\Users\benesl\AppData\Roaming\Orbit
2013-10-15 12:52:52 ----D---- C:\ProgramData\Kaspersky Lab
2013-10-15 12:50:42 ----D---- C:\Windows
2013-10-15 12:50:16 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-15 12:50:13 ----D---- C:\Windows\addins
2013-10-15 12:50:13 ----D---- C:\ProgramData\TheBflix
2013-10-15 12:45:54 ----SHD---- C:\System Volume Information
2013-10-15 12:25:30 ----HD---- C:\ProgramData
2013-10-14 13:21:41 ----D---- C:\Windows\System32
2013-10-14 13:21:41 ----D---- C:\Windows\inf
2013-10-14 13:21:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 13:39:43 ----D---- C:\Windows\Panther
2013-10-11 13:39:43 ----D---- C:\Windows\debug
2013-10-11 13:07:54 ----D---- C:\Program Files\smartdl
2013-10-11 04:01:36 ----D---- C:\Windows\Microsoft.NET
2013-10-11 04:00:54 ----RSD---- C:\Windows\assembly
2013-10-11 03:53:59 ----D---- C:\Windows\winsxs
2013-10-11 03:52:14 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 03:49:24 ----D---- C:\Windows\system32\cs-CZ
2013-10-11 03:49:24 ----D---- C:\Program Files\Internet Explorer
2013-10-11 03:49:22 ----D---- C:\Windows\system32\DriverStore
2013-10-11 03:30:23 ----SHD---- C:\Windows\Installer
2013-10-11 03:30:16 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 03:26:10 ----D---- C:\Windows\system32\MRT
2013-10-11 03:18:50 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 03:14:34 ----D---- C:\Windows\system32\catroot
2013-10-11 03:14:32 ----D---- C:\Windows\system32\catroot2
2013-10-09 11:05:15 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-07 14:19:54 ----D---- C:\Program Files\Conduit
2013-10-07 13:51:20 ----SD---- C:\Users\benesl\AppData\Roaming\Microsoft
2013-10-04 12:41:15 ----D---- C:\Program Files\CCleaner
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files
2013-09-24 12:46:55 ----D---- C:\Program Files\OpenApp
2013-09-19 13:42:46 ----D---- C:\downloads
2013-09-16 08:11:18 ----D---- C:\Program Files\Real
2013-09-16 08:11:10 ----D---- C:\ProgramData\Real
2013-09-16 08:11:05 ----A---- C:\Windows\system32\rmoc3260.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5032.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5016.dll
2013-09-16 08:10:48 ----A---- C:\Windows\system32\pncrt.dll
2013-09-16 08:10:36 ----A---- C:\Windows\system32\msvcr71.dll
2013-09-16 08:10:35 ----A---- C:\Windows\system32\msvcp71.dll
2013-09-16 08:03:23 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-11-12 126480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-06-07 233560]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-06-07 22104]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-03-15 231760]
R2 aksfridge;Sentinel HASP Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2010-09-27 356864]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-12-09 588800]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-10-15 40776]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2008-02-15 330752]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 9216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
S3 akshhl;SafeNet Inc. Sentinel HASP Key; C:\Windows\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2009-06-22 16384]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2010-09-27 4180576]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 247352]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 99896]
R2 klnagent;Kaspersky Lab Network Agent; C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe [2012-08-02 124632]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-03 1258856]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI3231.tmp [2012-05-21 163656]
R2 STacSV;SigmaTel Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe [2008-02-15 102400]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-12-07 1590216]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-15 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-01-16 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#2 Post by vyosek »

Hello :)

:arrow: Just to ask, is this a home PC or a work/company one? :???:
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; he is not a man, he is an ox."
Member since 1 February 2011.

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#3 Post by antal »

It was originally a company PC, but I bought it and use it privately.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#4 Post by vyosek »

:arrow: May I know why you used the button for reporting your thread to the forum moderators, and gave as the reason "Warez » The post contains a link to illegal or pirated software"? :???: :???:

:arrow: So what illegal stuff do you have there?? Or do you even know what that button is for?

:arrow: Delete the MBAM findings; a log will appear, and I would like to see it.

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#5 Post by antal »

I apologize! I did not notice the preset subject. :(

16.10.2013 16:09:34
mbam-log-2013-10-16 (16-09-34).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 332064
Uplynulý čas: 12 minut, 52 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT3298566) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 6
C:\ProgramData\TheBflix (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\downloads (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\Users\benesl\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104 (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 17
C:\Users\benesl\Downloads\Express_Installer.exe (PUP.Optional.iBryte) -> Přesun do karantény a smazání se zdařilo.
C:\Users\benesl\AppData\Local\Conduit\CT3072253\uTorrentControl2AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SkywalkerSetup[2].exe (PUP.Optional.InstallBrain.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[2].exe (PUP.Optional.InstallBrain.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[5].exe (PUP.Optional.InstallBrain.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HHW5ACX9\WSSetup[1].exe (PUP.Optional.InstallBrain.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\bhoclass.dl (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\ljbceobghndkodeejhkhhlbfkehapdpe.crx (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\profile.ini (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\runtime.dll (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Přesun do karantény a smazání se zdařilo.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104\PCSU_SL_3.1.2.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#6 Post by vyosek »

:arrow: So, why did you report it at all?? What did you want to achieve, or what was the intent behind reporting the topic??

:arrow: Run a full MBAM scan and post the log again.

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#7 Post by antal »

I thought I was just drawing attention to my question. I won't do it again...
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.15.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
BENESL :: M898 [administrátor]

Ochrana: Povolena

16.10.2013 16:49:10
MBAM-log-2013-10-17 (11-51-29).txt

Typ: Kompletní kontrola (C:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 606031
Uplynulý čas: 3 hodin, 21 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\smartdl\vfd.exe (Adware.Dropper) -> Nebyla provedena žádná instrukce.

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#8 Post by vyosek »

:arrow: And why did you want to draw attention to your question?? We know it is posted here and we respond to it as our time allows. Our forum runs on a voluntary basis; we are all here for FREE and in our FREE time. If you needed urgent help, then pay for a service. If you do not want to wait here, nobody is forcing you to be here; the Log out button is at the top left.

:arrow: Delete the MBAM findings; a log will appear, and I would like to see it.

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#9 Post by antal »

I am here for the first time and I made a mistake, for which I apologized. I also promised that I will not repeat it. Thank you very much for helping me even so! Should I do anything else?

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.15.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
BENESL :: M898 [administrátor]

Ochrana: Povolena

16.10.2013 16:49:10
mbam-log-2013-10-16 (16-49-10).txt

Typ: Kompletní kontrola (C:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 606031
Uplynulý čas: 3 hodin, 21 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\smartdl\vfd.exe (Adware.Dropper) -> Přesun do karantény a smazání se zdařilo.

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#10 Post by vyosek »

:arrow: I accept your apology; I was only explaining what the report button is for. It is certainly not for prodding the advisers; it is only for reporting topics that somehow break the rules or have something wrong with them :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created, followed by a search
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#11 Post by antal »

:) Sure! I understand.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional x86
Ran by BENESL on źt 17.10.2013 at 12:41:14,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1125209875-2129146331-623647154-7692\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho.1.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{71277dc4-4217-462a-9ff4-62d7815b2c69}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2737658
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3298566
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{48E2E0FB-FC99-4292-A679-0D7D21C5980B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D2E94555-5997-47B9-8E53-82E9C3A844C2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}



~~~ Files

Successfully deleted: [File] "C:\Users\benesl\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\addict-thing"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Users\benesl\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\addict-thing"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\thebflix"
Successfully deleted: [Folder] "C:\Users\benesl\appdata\locallow\utorrentcontrol2"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\openapp"
Failed to delete: [Folder] "C:\Program Files\orbitdownloader"
Successfully deleted: [Folder] "C:\Program Files\smartdl"
Successfully deleted: [Folder] "C:\Program Files\utorrentcontrol2"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thebflix"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\benesl\AppData\Roaming\mozilla\firefox\profiles\c2kvhy0v.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\benesl\AppData\Roaming\mozilla\firefox\profiles\c2kvhy0v.default\searchplugins\mystart search.xml
Successfully deleted: [Folder] C:\Users\benesl\AppData\Roaming\mozilla\firefox\profiles\c2kvhy0v.default\smartbar
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{fe1deeea-db6d-44b8-83f0-34fc0f9d1052}
Successfully deleted the following from C:\Users\benesl\AppData\Roaming\mozilla\firefox\profiles\c2kvhy0v.default\prefs.js

Emptied folder: C:\Users\benesl\AppData\Roaming\mozilla\firefox\profiles\c2kvhy0v.default\minidumps [69 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 17.10.2013 at 12:47:45,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v3.008 - Report created 17/10/2013 at 13:02:29
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : BENESL - M898
# Running from : C:\Users\benesl\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Users\technikus\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\Smartbar
Folder Deleted : C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\CT3298566
Folder Deleted : C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\Extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen
Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[!] Folder Deleted : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\Program Files\Mozilla Firefox\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Redirect Cache]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page Redirect Cache]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [blank]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [NavigationFailure]

-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\prefs.js ]

Line Deleted : user_pref("CT2737658.1000082.state", "{\"state\":\"stopped\",\"text\":\"Classic R...\",\"description\":\"Classic Rock\",\"url\":\"hxxp://www.gotradio.com/player/launch.asp?id=22&cr=lb\"}");
Line Deleted : user_pref("CT2737658.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2737658.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://FreeOnlineRadioPlayerRec[...]
Line Deleted : user_pref("CT2737658.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2737658\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreeOnlineRadioPlayerRecorder.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreeOnlineRadioPlayerRecorder\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3298566.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3298566.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3298566.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.FirstTime", "true");
Line Deleted : user_pref("CT3298566.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3298566.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vcHMvVG9wSGl0c0dlbmVyaWNBcHAvY29uZmlncy9VUy1VSy1EYW5jZS1Sb2NrLVJhcC9zcHJpdGUucG5nIiwNCiAgICAiaX[...]
Line Deleted : user_pref("CT3298566.UserID", "UN32472598882992461");
Line Deleted : user_pref("CT3298566.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3298566.countryCode", "CZ");
Line Deleted : user_pref("CT3298566.embeddedsData", "[{\"appId\":\"130110228003246321\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3298566.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
Line Deleted : user_pref("CT3298566.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3298566.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3298566.fullUserID", "UN32472598882992461.IN.20131007141856");
Line Deleted : user_pref("CT3298566.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3298566.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3298566.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3298566.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3298566&octid=CT3298566&SearchSource=15&CUI=UN32472598882992461&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3298566.lastVersion", "10.20.1.508");
Line Deleted : user_pref("CT3298566.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Deleted : user_pref("CT3298566.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Deleted : user_pref("CT3298566.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3298566.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D30%26t%3D133410\",\"EB_MAIN_FRAME_TITLE\":\"VIRY.CZ%20%E2%80%A2%20Zobrazit%20t%C[...]
Line Deleted : user_pref("CT3298566.search.searchAppId", "130110228003246321");
Line Deleted : user_pref("CT3298566.search.searchCount", "0");
Line Deleted : user_pref("CT3298566.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3298566.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3298566.searchSuggestEnabledByUser", "TRUE");
Line Deleted : user_pref("CT3298566.searchUserMode", "2");
Line Deleted : user_pref("CT3298566.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3298566\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJV30.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ V30 \"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3298566.serviceLayer_services_Configuration_lastUpdate", "1382007281925");
Line Deleted : user_pref("CT3298566.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1382007276547");
Line Deleted : user_pref("CT3298566.serviceLayer_services_appsMetadata_lastUpdate", "1382007281513");
Line Deleted : user_pref("CT3298566.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1382007276639");
Line Deleted : user_pref("CT3298566.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382007276470");
Line Deleted : user_pref("CT3298566.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1382007276561");
Line Deleted : user_pref("CT3298566.serviceLayer_services_searchAPI_lastUpdate", "1382007281761");
Line Deleted : user_pref("CT3298566.serviceLayer_services_serviceMap_lastUpdate", "1382007276459");
Line Deleted : user_pref("CT3298566.serviceLayer_services_setupAPI_lastUpdate", "1382007282494");
Line Deleted : user_pref("CT3298566.serviceLayer_services_toolbarContextMenu_lastUpdate", "1382007276708");
Line Deleted : user_pref("CT3298566.serviceLayer_services_toolbarSettings_lastUpdate", "1382007281550");
Line Deleted : user_pref("CT3298566.serviceLayer_services_translation_lastUpdate", "1382007276532");
Line Deleted : user_pref("CT3298566.settingsINI", true);
Line Deleted : user_pref("CT3298566.showToolbarPermission", "false");
Line Deleted : user_pref("CT3298566.smartbar.CTID", "CT3298566");
Line Deleted : user_pref("CT3298566.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3298566.smartbar.toolbarName", "MixiDJ V30 ");
Line Deleted : user_pref("CT3298566.toolbarCurrentServerTime", "17-10-2013");
Line Deleted : user_pref("CT3298566.toolbarLoginClientTime", "Thu Oct 17 2013 12:54:32 GMT+0200");
Line Deleted : user_pref("CT3298566_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382007270774,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("smartbar.machineId", "F0SK2S3HZ5WGP2VNKNYO0V1D9FUZ/2Z4GW/EROIYHYT5HYVJ/F4TH6MCVYTD+PS8SQGNJCR/ENFROHC1KR3AIG");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url

[ File : C:\Users\benesl\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [31597 octets] - [17/10/2013 12:59:14]
AdwCleaner[S0].txt - [25403 octets] - [17/10/2013 13:02:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25464 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#12 Post by vyosek »

"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

antal
Guest
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#13 Post by antal »

Addition.zip
(5.92 KiB) Downloaded 40 times
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by BENESL (administrator) on M898 on 17-10-2013 14:00:42
Running from C:\Users\benesl\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Solid Documents, LLC) C:\Windows\Installer\MSI3231.tmp
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe
(UltraVNC) C:\Program Files\UltraVNC\WinVNC.exe
(UltraVNC) C:\Program Files\UltraVNC\WinVNC.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Software602) C:\Program Files\Software602\Print2PDF\Print2PDF.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitnet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(forum.viry.cz) C:\Users\benesl\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-02-15] (IDT, Inc.)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3508624 2012-02-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HPUsageTrackingLEDM] - C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [Print2PDF Print Monitor] - C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun_KL_notset] 1
HKCU\...\Run: [KiesHelper] - C:\Program Files\Samsung\Kies\KiesHelper.exe [943504 2012-02-03] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21416 2012-03-14] ()
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-07] (Google Inc.)
HKU\RANDUSKAR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2011-11-07] (Google Inc.)
AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll [ 2011-06-07] (Kaspersky Lab ZAO)
Startup: C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EarthDesk.lnk
ShortcutTarget: EarthDesk.lnk -> C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\searchplugins\mixidj-v30-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Garmin Communicator - C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247352 2010-05-11] (HP)
R2 klnagent; C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe [124632 2012-08-02] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SCPDFReadSpool; C:\Windows\Installer\MSI3231.tmp [163656 2012-05-21] (Solid Documents, LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe [102400 2008-02-15] (IDT, Inc.)
R2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [1590216 2009-12-07] (UltraVNC)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [356864 2010-09-27] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [238208 2009-03-13] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16384 2009-06-22] (Aladdin Knowledge Systems Ltd.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab)
R3 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [24848 2009-09-03] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2011-06-07] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2011-06-07] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-17 14:00 - 2013-10-17 14:00 - 00000000 ____D C:\FRST
2013-10-17 13:58 - 2013-10-17 13:58 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Downloads\FRSTLauncher.exe
2013-10-17 13:56 - 2013-10-17 13:56 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Desktop\FRSTLauncher.exe
2013-10-17 13:54 - 2013-10-17 13:54 - 01087213 _____ (Farbar) C:\Users\benesl\Desktop\FRST.exe
2013-10-17 13:11 - 2013-10-17 13:11 - 00025545 _____ C:\Users\benesl\Desktop\AdwCleaner[S0].txt
2013-10-17 12:59 - 2013-10-17 13:02 - 00000000 ____D C:\AdwCleaner
2013-10-17 12:47 - 2013-10-17 12:47 - 00027921 _____ C:\Users\benesl\Desktop\JRT.txt
2013-10-17 12:41 - 2013-10-17 12:41 - 00000000 ____D C:\Windows\ERUNT
2013-10-17 12:38 - 2013-10-17 12:39 - 01050644 _____ C:\Users\benesl\Desktop\adwcleaner.exe
2013-10-17 12:37 - 2013-10-17 12:37 - 01033335 _____ (Thisisu) C:\Users\benesl\Desktop\JRT.exe
2013-10-17 08:39 - 2013-10-17 13:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-15 13:03 - 2013-10-15 13:03 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Malwarebytes
2013-10-15 13:02 - 2013-10-15 13:02 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-15 13:02 - 2013-10-15 13:02 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-15 13:02 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-15 13:00 - 2013-10-15 13:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\benesl\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 12:50 - 2013-10-17 13:04 - 00042794 _____ C:\Windows\PFRO.log
2013-10-15 12:50 - 2013-10-17 13:04 - 00000224 _____ C:\Windows\setupact.log
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 _____ C:\Windows\setuperr.log
2013-10-15 12:25 - 2013-10-15 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 12:23 - 2013-10-15 12:23 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-15 12:20 - 2013-10-15 12:46 - 00000000 ____D C:\Users\benesl\Desktop\mbar
2013-10-15 12:19 - 2013-10-15 12:20 - 12576792 _____ (Malwarebytes Corp.) C:\Users\benesl\Desktop\mbar-1.07.0.1007.exe
2013-10-11 13:58 - 2013-10-15 13:26 - 00000000 ____D C:\Program Files\trend micro
2013-10-11 13:58 - 2013-10-11 13:58 - 00000000 ____D C:\rsit
2013-10-11 13:57 - 2013-10-11 13:57 - 00781383 _____ C:\Users\benesl\Downloads\RSIT.exe
2013-10-11 04:29 - 2013-10-11 04:30 - 00000000 ____D C:\Windows\rescache
2013-10-11 03:14 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 03:14 - 2013-09-23 01:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 03:14 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 03:14 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 03:14 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 03:14 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:13 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 03:13 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 03:13 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 00:46 - 2013-09-14 02:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 00:46 - 2013-09-08 04:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 00:46 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 00:46 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-11 00:46 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 00:46 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 00:46 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 00:46 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 00:46 - 2013-08-28 03:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 00:46 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-11 00:46 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 00:46 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:46 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 00:46 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 00:46 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 00:46 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 00:46 - 2013-07-03 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 00:46 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 00:46 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 00:46 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 00:46 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 00:46 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 00:46 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 00:46 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 00:45 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 00:45 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 16:29 - 2013-10-10 16:46 - 299337728 _____ C:\Users\benesl\Downloads\Neuvěřitelné-příběhy-02x06-Gríbl-cz-(L.u.c.c.i).avi
2013-10-07 13:54 - 2013-10-15 16:19 - 00000000 ____D C:\Users\benesl\AppData\Local\Mirillis
2013-10-07 13:54 - 2013-10-07 13:54 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Mirillis
2013-10-07 13:54 - 2013-10-07 13:54 - 00000000 ____D C:\ProgramData\Mirillis
2013-10-07 13:51 - 2013-10-07 13:51 - 00002183 _____ C:\Users\benesl\Desktop\Splash Lite.lnk
2013-10-07 13:51 - 2013-10-07 13:51 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2013-10-07 13:51 - 2013-10-07 13:51 - 00000000 ____D C:\Program Files\Mirillis
2013-10-07 13:48 - 2013-10-07 13:49 - 13377240 _____ () C:\Users\benesl\Downloads\splash_lite_1_6_1_setup.exe
2013-10-04 12:41 - 2013-10-04 12:41 - 00000000 _____ C:\Windows\system32\FAP51E5.tmp
2013-10-04 12:39 - 2013-10-04 12:39 - 04369632 _____ (Piriform Ltd) C:\Users\benesl\Downloads\ccsetup406.exe
2013-10-04 12:27 - 2013-10-04 12:31 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-04 10:56 - 2013-10-04 10:56 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-04 10:54 - 2013-10-04 10:54 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-27 12:54 - 2013-10-15 17:14 - 00000102 _____ C:\Users\benesl\Documents\WUPDATE.LOG
2013-09-27 12:54 - 2013-09-27 12:57 - 19277322 _____ C:\Users\benesl\Documents\TOPSTONE návod.flv
2013-09-27 12:53 - 2013-09-27 12:53 - 00001100 _____ C:\Users\benesl\Desktop\save2pc stahování z youtube.lnk
2013-09-27 12:53 - 2013-09-27 12:53 - 00000000 ____D C:\Program Files\FDRLab
2013-09-27 12:52 - 2013-09-27 12:52 - 03327888 _____ (FDRLab ) C:\Users\benesl\Downloads\save2pc_light_setup.exe
2013-09-20 08:47 - 2013-09-20 08:47 - 00000971 _____ C:\Users\Public\Desktop\Anti-Twin.lnk
2013-09-20 08:46 - 2013-09-20 08:46 - 00000000 ____D C:\Program Files\AntiTwin
2013-09-20 08:45 - 2013-09-20 08:44 - 00903638 _____ C:\Users\benesl\Downloads\AntiTwin_Setup.exe
2013-09-17 15:34 - 2013-09-17 15:34 - 00000000 ____D C:\Program Files\DebugMode

==================== One Month Modified Files and Folders =======

2013-10-17 14:00 - 2013-10-17 14:00 - 00000000 ____D C:\FRST
2013-10-17 13:58 - 2013-10-17 13:58 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Downloads\FRSTLauncher.exe
2013-10-17 13:56 - 2013-10-17 13:56 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Desktop\FRSTLauncher.exe
2013-10-17 13:54 - 2013-10-17 13:54 - 01087213 _____ (Farbar) C:\Users\benesl\Desktop\FRST.exe
2013-10-17 13:39 - 2013-05-15 11:11 - 00000634 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
2013-10-17 13:25 - 2011-11-07 13:31 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-17 13:13 - 2009-07-14 06:34 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 13:13 - 2009-07-14 06:34 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-17 13:11 - 2013-10-17 13:11 - 00025545 _____ C:\Users\benesl\Desktop\AdwCleaner[S0].txt
2013-10-17 13:10 - 2011-06-07 07:18 - 01469951 _____ C:\Windows\WindowsUpdate.log
2013-10-17 13:06 - 2012-09-03 12:08 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Orbit
2013-10-17 13:05 - 2012-08-08 08:30 - 00000352 ____H C:\Windows\Tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job
2013-10-17 13:05 - 2012-04-25 07:51 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-17 13:05 - 2011-11-07 13:31 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 13:05 - 2011-06-07 10:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-17 13:04 - 2013-10-15 12:50 - 00042794 _____ C:\Windows\PFRO.log
2013-10-17 13:04 - 2013-10-15 12:50 - 00000224 _____ C:\Windows\setupact.log
2013-10-17 13:04 - 2012-08-08 10:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-17 13:04 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 13:02 - 2013-10-17 12:59 - 00000000 ____D C:\AdwCleaner
2013-10-17 13:02 - 2013-10-17 08:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-17 12:47 - 2013-10-17 12:47 - 00027921 _____ C:\Users\benesl\Desktop\JRT.txt
2013-10-17 12:42 - 2012-09-03 12:12 - 00000000 ____D C:\Program Files\Orbitdownloader
2013-10-17 12:41 - 2013-10-17 12:41 - 00000000 ____D C:\Windows\ERUNT
2013-10-17 12:39 - 2013-10-17 12:38 - 01050644 _____ C:\Users\benesl\Desktop\adwcleaner.exe
2013-10-17 12:37 - 2013-10-17 12:37 - 01033335 _____ (Thisisu) C:\Users\benesl\Desktop\JRT.exe
2013-10-17 12:27 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\Offline Web Pages
2013-10-16 10:32 - 2012-04-02 12:38 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-15 17:14 - 2013-09-27 12:54 - 00000102 _____ C:\Users\benesl\Documents\WUPDATE.LOG
2013-10-15 16:19 - 2013-10-07 13:54 - 00000000 ____D C:\Users\benesl\AppData\Local\Mirillis
2013-10-15 13:26 - 2013-10-11 13:58 - 00000000 ____D C:\Program Files\trend micro
2013-10-15 13:03 - 2013-10-15 13:03 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Malwarebytes
2013-10-15 13:02 - 2013-10-15 13:02 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-15 13:02 - 2013-10-15 13:02 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-15 13:00 - 2013-10-15 13:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\benesl\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 12:50 - 2013-10-15 12:50 - 00000000 _____ C:\Windows\setuperr.log
2013-10-15 12:50 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\addins
2013-10-15 12:46 - 2013-10-15 12:20 - 00000000 ____D C:\Users\benesl\Desktop\mbar
2013-10-15 12:25 - 2013-10-15 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 12:23 - 2013-10-15 12:23 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-15 12:20 - 2013-10-15 12:19 - 12576792 _____ (Malwarebytes Corp.) C:\Users\benesl\Desktop\mbar-1.07.0.1007.exe
2013-10-15 10:45 - 2013-04-25 14:15 - 00000000 ____D C:\Users\benesl\Desktop\ulice
2013-10-15 10:17 - 2013-01-14 10:04 - 00000000 ____D C:\Users\benesl\Documents\Zálohy CCleaner
2013-10-14 13:21 - 2010-11-20 23:01 - 01585162 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 13:58 - 2013-10-11 13:58 - 00000000 ____D C:\rsit
2013-10-11 13:57 - 2013-10-11 13:57 - 00781383 _____ C:\Users\benesl\Downloads\RSIT.exe
2013-10-11 13:39 - 2011-06-07 08:08 - 00000000 ____D C:\Windows\Panther
2013-10-11 04:30 - 2013-10-11 04:29 - 00000000 ____D C:\Windows\rescache
2013-10-11 04:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-11 03:52 - 2011-06-07 09:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 03:52 - 2009-07-14 06:33 - 00428104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 03:30 - 2011-06-07 11:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 03:26 - 2013-08-16 03:09 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 03:18 - 2011-06-07 09:05 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 16:46 - 2013-10-10 16:29 - 299337728 _____ C:\Users\benesl\Downloads\Neuvěřitelné-příběhy-02x06-Gríbl-cz-(L.u.c.c.i).avi
2013-10-10 13:55 - 2012-02-03 16:33 - 00000000 ____D C:\Users\benesl\Desktop\Depozitář
2013-10-09 16:23 - 2013-01-28 09:40 - 03058688 _____ C:\Users\benesl\Documents\filmy hodnocení9.xls
2013-10-09 12:06 - 2012-03-13 14:48 - 00000000 ____D C:\Users\benesl\Desktop\fotky z mobilu
2013-10-09 11:05 - 2012-04-25 07:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 11:05 - 2011-06-07 10:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 13:54 - 2013-10-07 13:54 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Mirillis
2013-10-07 13:54 - 2013-10-07 13:54 - 00000000 ____D C:\ProgramData\Mirillis
2013-10-07 13:51 - 2013-10-07 13:51 - 00002183 _____ C:\Users\benesl\Desktop\Splash Lite.lnk
2013-10-07 13:51 - 2013-10-07 13:51 - 00000000 ____D C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2013-10-07 13:51 - 2013-10-07 13:51 - 00000000 ____D C:\Program Files\Mirillis
2013-10-07 13:49 - 2013-10-07 13:48 - 13377240 _____ () C:\Users\benesl\Downloads\splash_lite_1_6_1_setup.exe
2013-10-04 12:41 - 2013-10-04 12:41 - 00000000 _____ C:\Windows\system32\FAP51E5.tmp
2013-10-04 12:41 - 2012-04-02 12:38 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-04 12:41 - 2011-06-07 10:48 - 00000000 ____D C:\Program Files\CCleaner
2013-10-04 12:39 - 2013-10-04 12:39 - 04369632 _____ (Piriform Ltd) C:\Users\benesl\Downloads\ccsetup406.exe
2013-10-04 12:31 - 2013-10-04 12:27 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-04 11:40 - 2011-10-21 10:03 - 00001347 _____ C:\Users\RANDUSKAR\Desktop\Depozitář – zástupce.lnk
2013-10-04 10:56 - 2013-10-04 10:56 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-04 10:54 - 2013-10-04 10:54 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-27 12:57 - 2013-09-27 12:54 - 19277322 _____ C:\Users\benesl\Documents\TOPSTONE návod.flv
2013-09-27 12:53 - 2013-09-27 12:53 - 00001100 _____ C:\Users\benesl\Desktop\save2pc stahování z youtube.lnk
2013-09-27 12:53 - 2013-09-27 12:53 - 00000000 ____D C:\Program Files\FDRLab
2013-09-27 12:52 - 2013-09-27 12:52 - 03327888 _____ (FDRLab ) C:\Users\benesl\Downloads\save2pc_light_setup.exe
2013-09-23 01:28 - 2013-10-11 03:14 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 01:28 - 2013-10-11 03:14 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 01:28 - 2013-10-11 03:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 01:27 - 2013-10-11 03:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-23 01:27 - 2013-10-11 03:13 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 01:27 - 2013-10-11 03:13 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-21 05:30 - 2013-10-11 03:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 04:39 - 2013-10-11 03:14 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-20 08:47 - 2013-09-20 08:47 - 00000971 _____ C:\Users\Public\Desktop\Anti-Twin.lnk
2013-09-20 08:46 - 2013-09-20 08:46 - 00000000 ____D C:\Program Files\AntiTwin
2013-09-20 08:44 - 2013-09-20 08:45 - 00903638 _____ C:\Users\benesl\Downloads\AntiTwin_Setup.exe
2013-09-17 15:34 - 2013-09-17 15:34 - 00000000 ____D C:\Program Files\DebugMode

Files to move or delete:
====================
C:\Users\benesl\Ares_Tube_Setup.exe
C:\Users\benesl\avi2video_install.exe


Some content of TEMP:
====================
C:\Users\benesl\AppData\Local\Temp\Quarantine.exe
C:\Users\benesl\AppData\Local\Temp\wusetup.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\lowproc.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\Paint.NET.3.5.10.Install.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\SCC.dll
C:\Users\technikus\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (DISK) (Fixed) (Total:148.91 GB) (Free:52.95 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:698.64 GB) (Free:19.17 GB) NTFS

Available physical RAM: 829.95 MB
Total physical RAM: 1982.43 MB
Percentage of memory in use: 58%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\system32\Adobe\Shockwave 12\SymInstallStub.exe
Task: C:\Windows\Tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job => C:\ProgramData\TheBflix\TheBflix.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Kaspersky Anti-Virus (Enabled - Up to date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Anti-Virus (Enabled) {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\benesl\Desktop" je 10885 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Orbitdownloader\\orbitdm.exe"="C:\\Program Files\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"="C:\\Program Files\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Findings in MBAM

#14 Post by vyosek »

→ Creating a fixlist for FRST
  • Open Notepad (Start > Run > notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3508624 2012-02-03] (Samsung Electronics Co., Ltd.)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2012-04-18] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
    HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun_KL_notset] 1
    HKCU\...\Run: [KiesHelper] - C:\Program Files\Samsung\Kies\KiesHelper.exe [943504 2012-02-03] (Samsung)
    HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21416 2012-03-14] ()
    HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
    HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
    HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-07] (Google Inc.)
    HKU\RANDUSKAR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2011-11-07] (Google Inc.)
    
    URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
    SearchScopes: HKLM - DefaultScope value is missing.
    Toolbar: HKLM - No Name - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
    Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
    Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll No File
    
    2013-10-17 13:58 - 2013-10-17 13:58 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Downloads\FRSTLauncher.exe
    C:\Users\benesl\AppData\Local\Temp\Quarantine.exe
    C:\Users\benesl\AppData\Local\Temp\wusetup.exe
    C:\Users\RANDUSKAR\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
    C:\Users\RANDUSKAR\AppData\Local\Temp\lowproc.exe
    C:\Users\RANDUSKAR\AppData\Local\Temp\Paint.NET.3.5.10.Install.exe
    C:\Users\RANDUSKAR\AppData\Local\Temp\SCC.dll
    C:\Users\technikus\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\system32\Adobe\Shockwave 12\SymInstallStub.exe
    Task: C:\Windows\Tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job => C:\ProgramData\TheBflix\TheBflix.exe
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
    
    Hosts:
    CMD: shutdown /r /f /t 2
    End
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
→ Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
→ Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for that is no man, that is an ox."
Member [image] since 1 February 2011.

antal
Visitor
Posts: 13
Registered: 11 Oct 2013 13:08

Re: Findings in MBAM

#15 Post by antal »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by BENESL at 2013-10-17 15:05:04 Run:1
Running from C:\Users\benesl\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3508624 2012-02-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun_KL_notset] 1
HKCU\...\Run: [KiesHelper] - C:\Program Files\Samsung\Kies\KiesHelper.exe [943504 2012-02-03] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21416 2012-03-14] ()
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-07] (Google Inc.)
HKU\RANDUSKAR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2011-11-07] (Google Inc.)

URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKLM - No Name - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll No File

2013-10-17 13:58 - 2013-10-17 13:58 - 00112128 _____ (forum.viry.cz) C:\Users\benesl\Downloads\FRSTLauncher.exe
C:\Users\benesl\AppData\Local\Temp\Quarantine.exe
C:\Users\benesl\AppData\Local\Temp\wusetup.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\lowproc.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\Paint.NET.3.5.10.Install.exe
C:\Users\RANDUSKAR\AppData\Local\Temp\SCC.dll
C:\Users\technikus\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\system32\Adobe\Shockwave 12\SymInstallStub.exe
Task: C:\Windows\Tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job => C:\ProgramData\TheBflix\TheBflix.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun_KL_notset => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesHelper => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\RANDUSKAR\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKCR\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKCR\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} => Value deleted successfully.
HKCR\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} => Value deleted successfully.
HKCR\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} => Key deleted successfully.
C:\Users\benesl\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\benesl\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\benesl\AppData\Local\Temp\wusetup.exe => Moved successfully.
C:\Users\RANDUSKAR\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe => Moved successfully.
C:\Users\RANDUSKAR\AppData\Local\Temp\lowproc.exe => Moved successfully.
C:\Users\RANDUSKAR\AppData\Local\Temp\Paint.NET.3.5.10.Install.exe => Moved successfully.
C:\Users\RANDUSKAR\AppData\Local\Temp\SCC.dll => Moved successfully.
C:\Users\technikus\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Norton Product InstallerIdle.job => Moved successfully.
C:\Windows\Tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Locked