Usídlil se mi v prohlížeči nějaký toolbar (http://search.certified-toolbar.com/) a nemůžu ho odstranit. Pokaždé se přepíše zpět na původní. Můžete mi prosím poradit, jak se toho zbavit? Pravděpodobně je i možné, že bude i v notebooku i jiná havěť.
Děkuji moc a níže zasílám výpis:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by DOMAPC (administrator) on KONKON on 01-12-2013 10:32:48
Running from C:\Users\DOMAPC\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(LogMeIn Inc.) E:\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn Inc.) E:\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) E:\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) E:\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\DOMAPC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-30] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook Inc.)
HKCU\...\Policies\system: [NoSecCpl] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [NoDispCpl] 0
HKCU\...\Policies\system: [NoDispBackgroundPage] 0
HKCU\...\Policies\system: [NoDispScrSavPage] 0
HKCU\...\Policies\system: [NoDispAppearancePage] 0
HKCU\...\Policies\system: [NoDispSettingsPage] 0
HKCU\...\Policies\system: [NoVisualStyleChoice] 0
HKCU\...\Policies\Explorer: [NoNetHood] 0
HKCU\...\Policies\Explorer: [HideClock] 0
HKCU\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKCU\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKCU\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKCU\...\Policies\Explorer: [NoUserNameInStartMenu] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKCU\...\Policies\Explorer: [NoPrinterTabs] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [NoAddPrinter] 0
HKCU\...\Policies\Explorer: [NoPrinters] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoFavoritesMenu] 0
HKCU\...\Policies\Explorer: [NoSetFolders] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKCU\...\Policies\Explorer: [NoFileMenu] 0
HKCU\...\Policies\Explorer: [NoToolbarCustomize] 0
HKCU\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKCU\...\Policies\Explorer: [NoChangeAnimation] 0
HKCU\...\Policies\Explorer: [NoChangeKeyboardNavigationIndicators] 0
HKCU\...\Policies\Explorer: [NoThemesTab] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952 2013-03-12] (SPAMfighter ApS)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - E:\LogMeIn Hamachi\hamachi-2-ui.exe [2349392 2013-11-11] (LogMeIn Inc.)
AppInit_DLLs-x32: [ ] ()
Startup: C:\Users\DOMAPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=3206
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =643145241
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=CZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=3206
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM-x32 - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... E6BA0D775F}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2776682
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - AA8F05285C55412591516BF59E2BDC4B URL = http://mixidj.delta-search.com/?q={sear ... 6&tsp=4933
SearchScopes: HKCU - {048C1097-4B87-4BBB-A85C-5DC6C93FB001} URL = http://search.softonic.com/INF00176/tb_ ... 775f&r=252
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKCU - {10FFEE2F-2789-418B-9497-F03B488F95DE} URL = http://mp3tubetoolbar.com/?tmp=toolbar_ ... ef97fcc2c1
SearchScopes: HKCU - {19AEADAE-08A9-41B6-B619-7F492455E5FE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} URL = http://isearch.avg.com/search?cid={65C0 ... 2012-06-25 16:57:11&v=11.1.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... E6BA0D775F}
SearchScopes: HKCU - {8172f457-818d-46db-941f-2bbe53e156af} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={65C ... 2012-06-25 16:57:11&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - {BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {CADF03C6-9BED-42C4-800F-37923F9D24C7} URL = http://searchou.com/?q={searchTerms}&id ... d775f&r=98
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb139/?se ... rRqv6&i=26
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - {FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} URL = http://www.etypestart.com/s/?q={searchT ... rer:source}
BHO: No Name - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
Toolbar: HKLM - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.237.40.254 10.0.0.3 10.0.0.2
FireFox:
========
FF ProfilePath: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default
FF user.js: detected! => C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\user.js
FF Homepage: hxxp://www.search.ask.com/?p2=%5EAKM%5Ezzz000% ... 06-24&psv=
FF SearchEngineOrder.1: Ask Search
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=E27190E6BA0D775F&affID=121136&tsp=4933
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Ask Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\DOMAPC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\DOMAPC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\DOMAPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\privitize.xml
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\search-here.xml
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\softonic.xml
FF Extension: ADDICT-THING - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\500e52f6330d4@500e52f6330f4.info
FF Extension: ADDICT-THING - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\5033e55fc9955@5033e55fc998f.info
FF Extension: ADDICT-THING - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\5036063fdafcb@5036063fdb005.info
FF Extension: ADDICT-THING - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\50545c643d139@50545c643d172.com
FF Extension: AccelerateTab - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\speeddial@instair.net
FF Extension: addon - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\addon@defaulttab.com.xpi
FF Extension: No Name - C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\DOMAPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (COD MW3 by St0n3 (:) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokpkhkaciinbfdgmaelijhngickobgo\1_0
CHR Extension: (Google Drive) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (uTorrentControl_v6) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.100.504_0
CHR Extension: (Google Search) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0
CHR Extension: (Domain Error Assistant) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.2_0
CHR Extension: (ADDICT-THING) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnckknjgnjelneeckmophfknldddgjn\1.0_0
CHR Extension: (ADDICT-THING) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfibbdiamcijedpdjiadlbiphobmogk\3.2_0
CHR Extension: (Skype Click to Call) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Slick Savings) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0
CHR Extension: (ADDICT-THING) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgpkbddmiionfaigjehpobghcncecjg\1.0_0
CHR Extension: (ADDICT-THING) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeimanopffldlldnhiccbeekjmklkalp\1.0_0
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0
CHR Extension: (Gmail) - C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\DOMAPC\AppData\Local\speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\DOMAPC\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.2.crx
CHR HKLM-x32\...\Chrome\Extension: [jpnckknjgnjelneeckmophfknldddgjn] - C:\ProgramData\ADDICT-THING\jpnckknjgnjelneeckmophfknldddgjn.crx
CHR HKLM-x32\...\Chrome\Extension: [kbfibbdiamcijedpdjiadlbiphobmogk] - C:\ProgramData\ADDICT-THING\kbfibbdiamcijedpdjiadlbiphobmogk.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [npgpkbddmiionfaigjehpobghcncecjg] - C:\ProgramData\ADDICT-THING\npgpkbddmiionfaigjehpobghcncecjg.crx
CHR HKLM-x32\...\Chrome\Extension: [oeimanopffldlldnhiccbeekjmklkalp] - C:\ProgramData\ADDICT-THING\oeimanopffldlldnhiccbeekjmklkalp.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 Hamachi2Svc; E:\LogMeIn Hamachi\hamachi-2.exe [2756944 2013-11-11] (LogMeIn Inc.)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4553768 2012-01-05] (INCA Internet Co., Ltd.)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-06] ()
S2 SecureUpdateSvc; C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2473296 2013-10-30] ()
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-07-23] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
S3 catchme; No ImagePath
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
S3 EagleX64; No ImagePath
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-07-23] ()
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology)
S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-01 10:32 - 2013-12-01 10:34 - 00030221 _____ C:\Users\DOMAPC\Desktop\FRST.txt
2013-12-01 10:32 - 2013-12-01 10:32 - 00000000 ____D C:\FRST
2013-12-01 10:31 - 2013-12-01 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\DOMAPC\Desktop\FRSTLauncher.exe
2013-12-01 10:30 - 2013-12-01 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\DOMAPC\Downloads\FRSTLauncher.exe
2013-12-01 10:30 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\DOMAPC\Desktop\FRST64.exe
2013-12-01 10:28 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\DOMAPC\Downloads\FRST64.exe
2013-11-30 07:39 - 2013-11-30 07:39 - 22609606 _____ C:\Users\DOMAPC\Downloads\VALASKA POLANKA.zip
2013-11-28 14:26 - 2013-11-28 14:26 - 75555042 _____ () C:\Users\DOMAPC\Downloads\mctitantekkitpro.exe
2013-11-26 15:23 - 2013-12-01 09:59 - 00001120 _____ C:\Windows\setupact.log
2013-11-26 15:23 - 2013-11-26 15:23 - 00001120 _____ C:\Windows\PFRO.log
2013-11-26 15:23 - 2013-11-26 15:23 - 00000000 _____ C:\Windows\setuperr.log
2013-11-24 12:57 - 2013-11-24 12:58 - 00903832 _____ C:\Users\DOMAPC\Downloads\yet_another_cleaner.exe
2013-11-23 22:25 - 2013-11-23 22:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\DOMAPC\Downloads\SpyHunter-Installer.exe
2013-11-23 21:36 - 2013-11-23 21:36 - 01873344 _____ ( ) C:\Users\DOMAPC\Downloads\AVG_Browser_configuration_tool (1).exe
2013-11-23 21:35 - 2013-11-23 21:35 - 01873344 _____ ( ) C:\Users\DOMAPC\Downloads\AVG_Browser_configuration_tool.exe
2013-11-23 18:34 - 2013-11-23 18:34 - 00010048 _____ C:\Users\DOMAPC\Documents\cc_20131123_183417.reg
2013-11-21 22:24 - 2013-11-21 22:25 - 01062104 _____ C:\Users\DOMAPC\Documents\cc_20131121_222342.reg
2013-11-21 21:47 - 2013-10-13 15:55 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-21 21:47 - 2013-10-13 15:48 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-21 21:47 - 2013-10-13 15:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-21 21:47 - 2013-10-13 15:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-21 21:47 - 2013-10-13 15:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-21 21:47 - 2013-10-13 15:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-21 21:47 - 2013-10-13 15:42 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-21 21:47 - 2013-10-13 15:42 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-21 21:47 - 2013-10-13 15:42 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-21 21:47 - 2013-10-13 15:39 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-21 21:47 - 2013-10-13 15:38 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-21 21:47 - 2013-10-13 15:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-21 21:47 - 2013-10-13 15:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-21 21:47 - 2013-10-13 15:29 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-21 21:47 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-21 21:47 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-21 21:47 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-21 21:47 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-21 21:47 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-21 21:47 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-21 21:47 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-21 21:47 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-21 21:47 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-21 21:47 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-21 21:47 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-21 21:47 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-21 21:47 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-21 21:47 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-21 21:47 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-21 21:46 - 2013-10-13 16:58 - 17847296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-21 21:46 - 2013-10-13 16:09 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-21 21:46 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 19:22 - 2013-11-15 19:23 - 00453120 _____ C:\Users\DOMAPC\Downloads\rld.dll
2013-11-13 05:55 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 05:55 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 05:55 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 05:54 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 05:54 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:54 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 05:54 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 05:54 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 05:54 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 05:54 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 05:54 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 05:54 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 05:54 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 05:54 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 05:54 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 05:54 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 05:54 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 05:54 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 05:54 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 05:54 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 05:54 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 05:54 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 05:54 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 05:54 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 05:54 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 05:54 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 05:54 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 05:54 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 05:54 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 05:54 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 13:59 - 2013-11-11 13:59 - 16957136 _____ (Electronic Arts, Inc.) C:\Users\DOMAPC\Downloads\OriginThinSetup (1).exe
2013-11-11 13:53 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-11 13:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-11 13:53 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-11 13:53 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-11 13:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-11 13:53 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-11 13:53 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-11 13:53 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-11 13:53 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-11 13:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-11 13:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-11 13:53 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-11-11 13:53 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-11 13:53 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-11 13:53 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-11-11 13:53 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-11 13:53 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-11 13:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-11 13:53 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-11 13:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-11 13:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-11 13:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-11 13:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-11 13:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-11 13:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-11 13:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-11 13:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-11 13:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-11 13:48 - 2013-11-23 22:00 - 00000786 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-11-11 13:48 - 2013-11-11 13:48 - 00000647 _____ C:\Users\Public\Desktop\FIFA 14 Nastavení.lnk
2013-11-11 13:13 - 2013-11-11 13:13 - 00017423 _____ C:\Users\DOMAPC\Downloads\Pro Evolution Soccer 2014 [RePack] [RUS _ ENG] (2013) (1.0) ---[www.bts.to]--- .torrent
2013-11-11 13:03 - 2013-11-11 13:03 - 00031099 _____ C:\Users\DOMAPC\Downloads\[CzT]Pro_Evolution_Soccer_2014.torrent
2013-11-11 12:57 - 2013-11-11 12:58 - 00026425 _____ C:\Users\DOMAPC\Downloads\[CzT]FIFA_14_2013_CZ_ (1).torrent
2013-11-09 09:58 - 2013-11-09 09:58 - 00000000 ____D C:\ProgramData\Oracle
2013-11-09 09:57 - 2013-11-09 09:57 - 00486808 _____ C:\Users\DOMAPC\Downloads\jre-7u7-windows-x64-aoc-jd.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-09 09:53 - 2013-11-09 09:54 - 30694824 _____ (Oracle Corporation) C:\Users\DOMAPC\Downloads\jre-7u45-windows-x64.exe
2013-11-09 09:52 - 2013-11-09 09:54 - 45313962 _____ C:\Users\DOMAPC\Downloads\CarovnyMinecraft_1.5.2_v4.1.zip
2013-11-07 18:00 - 2013-11-07 18:00 - 04897880 _____ (Adobe Systems Inc.) C:\Users\DOMAPC\Downloads\Shockwave_Installer_Slim.exe
2013-11-07 16:32 - 2013-11-07 16:32 - 00000000 ____D C:\Users\DOMAPC\AppData\Local\WarThunder
2013-11-07 16:32 - 2013-11-07 16:32 - 00000000 ____D C:\ProgramData\WarThunder
2013-11-07 16:31 - 2013-11-07 16:31 - 00000000 ____D C:\Users\DOMAPC\Documents\My Games
2013-11-07 16:26 - 2013-11-07 16:27 - 04208536 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\DOMAPC\Downloads\wt_launcher_1.0.1.278.exe
2013-11-04 17:36 - 2013-11-04 17:36 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\com.1minus1.socialsafe.D675411CF670AA3EFAC13BDD847989BEDE2115E2.1
2013-11-04 17:34 - 2013-11-04 17:35 - 49411680 _____ (Social Safe Limited) C:\Users\DOMAPC\Downloads\SocialSafe-installer.exe
2013-11-03 13:10 - 2013-11-03 13:13 - 135548644 _____ C:\Users\DOMAPC\Downloads\VycraftujTo64.exe
2013-11-03 12:54 - 2013-11-03 12:57 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\.technic
==================== One Month Modified Files and Folders =======
2013-12-01 10:34 - 2013-12-01 10:32 - 00030221 _____ C:\Users\DOMAPC\Desktop\FRST.txt
2013-12-01 10:32 - 2013-12-01 10:32 - 00000000 ____D C:\FRST
2013-12-01 10:30 - 2013-12-01 10:31 - 00112640 _____ (forum.viry.cz) C:\Users\DOMAPC\Desktop\FRSTLauncher.exe
2013-12-01 10:30 - 2013-12-01 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\DOMAPC\Downloads\FRSTLauncher.exe
2013-12-01 10:28 - 2013-12-01 10:30 - 01959184 _____ (Farbar) C:\Users\DOMAPC\Desktop\FRST64.exe
2013-12-01 10:28 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\DOMAPC\Downloads\FRST64.exe
2013-12-01 10:22 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini
2013-12-01 10:17 - 2012-10-09 11:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-01 10:07 - 2012-04-24 17:49 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E4B000F0-7C43-41DF-A76D-6BAB3ECC5C94}
2013-12-01 10:06 - 2009-07-14 05:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 10:06 - 2009-07-14 05:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 10:05 - 2013-04-27 08:19 - 01262205 _____ C:\Windows\WindowsUpdate.log
2013-12-01 10:05 - 2012-09-30 14:46 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job
2013-12-01 09:59 - 2013-11-26 15:23 - 00001120 _____ C:\Windows\setupact.log
2013-12-01 09:59 - 2013-09-12 15:42 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 09:59 - 2013-08-07 07:48 - 00000386 _____ C:\Windows\Tasks\SLOW-PCfighter64-DOMAPC-Notification.job
2013-12-01 09:59 - 2013-08-07 07:48 - 00000384 _____ C:\Windows\Tasks\SLOW-PCfighter64-DOMAPC-Startup.job
2013-12-01 09:59 - 2013-06-30 17:35 - 00000000 ____D C:\Users\DOMAPC\AppData\Local\LogMeIn Hamachi
2013-12-01 09:59 - 2013-04-27 19:00 - 00000376 ____H C:\Windows\Tasks\MagniPicUpdaterTask{7CDB441B-B928-45E1-B8D0-3298EFC0B052}.job
2013-12-01 09:59 - 2012-12-24 15:09 - 00000364 ____H C:\Windows\Tasks\ZoomExUpdaterTask{B1A9954F-A57E-4AA8-83CB-AC9DB470AF26}.job
2013-12-01 09:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-30 19:53 - 2013-09-12 15:42 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-30 17:27 - 2011-12-27 09:46 - 00000000 ____D C:\Users\DOMAPC\Desktop\Maty
2013-11-30 13:52 - 2011-08-14 17:37 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\Skype
2013-11-30 11:20 - 2013-07-15 13:15 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job
2013-11-30 09:29 - 2009-07-14 06:08 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-30 07:39 - 2013-11-30 07:39 - 22609606 _____ C:\Users\DOMAPC\Downloads\VALASKA POLANKA.zip
2013-11-30 07:04 - 2012-09-30 14:46 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job
2013-11-30 06:59 - 2012-09-30 14:46 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA
2013-11-30 06:59 - 2012-09-30 14:46 - 00003546 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core
2013-11-29 19:19 - 2013-06-23 19:00 - 00000000 ____D C:\Users\DOMAPC\Documents\FIFA 13
2013-11-29 14:20 - 2013-07-15 13:15 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job
2013-11-28 14:26 - 2013-11-28 14:26 - 75555042 _____ () C:\Users\DOMAPC\Downloads\mctitantekkitpro.exe
2013-11-27 13:24 - 2013-06-28 15:45 - 00000000 ____D C:\Users\DOMAPC\Desktop\Hry
2013-11-27 06:26 - 2011-08-13 21:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-26 15:23 - 2013-11-26 15:23 - 00001120 _____ C:\Windows\PFRO.log
2013-11-26 15:23 - 2013-11-26 15:23 - 00000000 _____ C:\Windows\setuperr.log
2013-11-25 13:53 - 2013-10-11 15:53 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\Origin
2013-11-25 13:53 - 2013-10-11 15:51 - 00000000 ____D C:\ProgramData\Origin
2013-11-24 19:25 - 2011-09-09 15:59 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\TS3Client
2013-11-24 17:21 - 2013-10-09 19:47 - 00000000 ____D C:\Windows\rescache
2013-11-24 12:58 - 2013-11-24 12:57 - 00903832 _____ C:\Users\DOMAPC\Downloads\yet_another_cleaner.exe
2013-11-23 22:34 - 2013-09-05 17:27 - 00000000 ____D C:\ProgramData\TechSmith
2013-11-23 22:29 - 2011-12-27 20:39 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\Yandex
2013-11-23 22:25 - 2013-11-23 22:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\DOMAPC\Downloads\SpyHunter-Installer.exe
2013-11-23 22:13 - 2013-06-14 09:21 - 00000896 __RSH C:\Users\DOMAPC\ntuser.pol
2013-11-23 22:13 - 2011-08-13 11:55 - 00000000 ____D C:\Users\DOMAPC
2013-11-23 22:06 - 2011-08-13 12:46 - 00000000 ____D C:\Windows\Panther
2013-11-23 22:00 - 2013-11-11 13:48 - 00000786 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-11-23 21:36 - 2013-11-23 21:36 - 01873344 _____ ( ) C:\Users\DOMAPC\Downloads\AVG_Browser_configuration_tool (1).exe
2013-11-23 21:36 - 2013-08-07 10:23 - 00000000 ____D C:\Users\DOMAPC\AppData\Local\AVG SafeGuard toolbar
2013-11-23 21:35 - 2013-11-23 21:35 - 01873344 _____ ( ) C:\Users\DOMAPC\Downloads\AVG_Browser_configuration_tool.exe
2013-11-23 21:27 - 2013-05-01 20:02 - 00000000 ____D C:\Nemazat
2013-11-23 21:27 - 2013-01-10 14:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-23 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-23 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-23 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-23 18:34 - 2013-11-23 18:34 - 00010048 _____ C:\Users\DOMAPC\Documents\cc_20131123_183417.reg
2013-11-23 18:01 - 2013-04-06 07:53 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\Seznam.cz
2013-11-23 17:36 - 2013-05-01 10:57 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-11-23 17:31 - 2011-08-14 09:06 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-23 17:26 - 2012-07-26 22:20 - 00000000 ____D C:\ProgramData\Codemasters
2013-11-23 17:18 - 2013-09-07 19:56 - 00000000 ____D C:\Program Files (x86)\Secure Speed Dial
2013-11-23 17:14 - 2013-10-20 11:28 - 00000000 ____D C:\Users\DOMAPC\Documents\KONAMI
2013-11-21 22:25 - 2013-11-21 22:24 - 01062104 _____ C:\Users\DOMAPC\Documents\cc_20131121_222342.reg
2013-11-21 22:13 - 2013-08-07 10:21 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-21 22:13 - 2013-06-26 11:08 - 00000000 ____D C:\Users\DOMAPC\AppData\Local\CrashDumps
2013-11-21 22:13 - 2011-08-14 17:37 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 20:45 - 2012-10-15 09:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-21 20:05 - 2013-07-01 09:00 - 00000000 ____D C:\ProgramData\Adobe
2013-11-17 17:19 - 2010-11-21 09:33 - 00685758 _____ C:\Windows\system32\perfh005.dat
2013-11-17 17:19 - 2010-11-21 09:33 - 00150816 _____ C:\Windows\system32\perfc005.dat
2013-11-17 17:19 - 2009-07-14 06:13 - 01635160 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-16 13:30 - 2013-04-06 07:50 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\DAEMON Tools Lite
2013-11-15 19:23 - 2013-11-15 19:22 - 00453120 _____ C:\Users\DOMAPC\Downloads\rld.dll
2013-11-15 18:49 - 2012-06-21 18:46 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-11-13 06:35 - 2013-08-05 20:01 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 06:35 - 2011-08-13 19:02 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 13:59 - 2013-11-11 13:59 - 16957136 _____ (Electronic Arts, Inc.) C:\Users\DOMAPC\Downloads\OriginThinSetup (1).exe
2013-11-11 13:48 - 2013-11-11 13:48 - 00000647 _____ C:\Users\Public\Desktop\FIFA 14 Nastavení.lnk
2013-11-11 13:13 - 2013-11-11 13:13 - 00017423 _____ C:\Users\DOMAPC\Downloads\Pro Evolution Soccer 2014 [RePack] [RUS _ ENG] (2013) (1.0) ---[www.bts.to]--- .torrent
2013-11-11 13:03 - 2013-11-11 13:03 - 00031099 _____ C:\Users\DOMAPC\Downloads\[CzT]Pro_Evolution_Soccer_2014.torrent
2013-11-11 12:58 - 2013-11-11 12:57 - 00026425 _____ C:\Users\DOMAPC\Downloads\[CzT]FIFA_14_2013_CZ_ (1).torrent
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-09 09:59 - 2013-08-08 07:11 - 00000000 ____D C:\Program Files\Java
2013-11-09 09:58 - 2013-11-09 09:58 - 00000000 ____D C:\ProgramData\Oracle
2013-11-09 09:58 - 2013-06-06 18:02 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\OpenCandy
2013-11-09 09:57 - 2013-11-09 09:57 - 00486808 _____ C:\Users\DOMAPC\Downloads\jre-7u7-windows-x64-aoc-jd.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-09 09:57 - 2013-11-09 09:57 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-09 09:54 - 2013-11-09 09:53 - 30694824 _____ (Oracle Corporation) C:\Users\DOMAPC\Downloads\jre-7u45-windows-x64.exe
2013-11-09 09:54 - 2013-11-09 09:52 - 45313962 _____ C:\Users\DOMAPC\Downloads\CarovnyMinecraft_1.5.2_v4.1.zip
2013-11-09 09:54 - 2013-10-24 15:16 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\.minecraft
2013-11-07 18:00 - 2013-11-07 18:00 - 04897880 _____ (Adobe Systems Inc.) C:\Users\DOMAPC\Downloads\Shockwave_Installer_Slim.exe
2013-11-07 18:00 - 2012-08-31 10:39 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-07 16:32 - 2013-11-07 16:32 - 00000000 ____D C:\Users\DOMAPC\AppData\Local\WarThunder
2013-11-07 16:32 - 2013-11-07 16:32 - 00000000 ____D C:\ProgramData\WarThunder
2013-11-07 16:31 - 2013-11-07 16:31 - 00000000 ____D C:\Users\DOMAPC\Documents\My Games
2013-11-07 16:27 - 2013-11-07 16:26 - 04208536 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\DOMAPC\Downloads\wt_launcher_1.0.1.278.exe
2013-11-04 17:36 - 2013-11-04 17:36 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\com.1minus1.socialsafe.D675411CF670AA3EFAC13BDD847989BEDE2115E2.1
2013-11-04 17:35 - 2013-11-04 17:34 - 49411680 _____ (Social Safe Limited) C:\Users\DOMAPC\Downloads\SocialSafe-installer.exe
2013-11-03 13:13 - 2013-11-03 13:10 - 135548644 _____ C:\Users\DOMAPC\Downloads\VycraftujTo64.exe
2013-11-03 12:57 - 2013-11-03 12:54 - 00000000 ____D C:\Users\DOMAPC\AppData\Roaming\.technic
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MagniPicUpdaterTask{7CDB441B-B928-45E1-B8D0-3298EFC0B052}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe
Task: C:\Windows\Tasks\SLOW-PCfighter64-DOMAPC-Notification.job => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
Task: C:\Windows\Tasks\SLOW-PCfighter64-DOMAPC-Startup.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
Task: C:\Windows\Tasks\ZoomExUpdaterTask{B1A9954F-A57E-4AA8-83CB-AC9DB470AF26}.job => C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
==================== Security Center ==================
AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\DOMAPC\Desktop" je 13020 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser
C:\Windows\system32\hkcmd.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre
Re�im ECHO je vypnut.
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"E:\\Combat Arms EU\\CombatArms.exe"="E:\\Combat Arms EU\\CombatArms.exe:*Enabled:CombatArms.exe"
"E:\\Combat Arms EU\\Engine.exe"="E:\\Combat Arms EU\\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.Start
HKCU\...\Run: [Facebook Update] - C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook Inc.)
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =643145241
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=CZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=3206
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2776682
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - AA8F05285C55412591516BF59E2BDC4B URL = http://mixidj.delta-search.com/?q={sear ... 6&tsp=4933
SearchScopes: HKCU - {048C1097-4B87-4BBB-A85C-5DC6C93FB001} URL = http://search.softonic.com/INF00176/tb_ ... 775f&r=252
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKCU - {10FFEE2F-2789-418B-9497-F03B488F95DE} URL = http://mp3tubetoolbar.com/?tmp=toolbar_ ... &Keywords={searchTerms}&clid=f8e3dcb61a834c4f8d48ffef97fcc2c1
SearchScopes: HKCU - {19AEADAE-08A9-41B6-B619-7F492455E5FE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKCU - {8172f457-818d-46db-941f-2bbe53e156af} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - {BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {CADF03C6-9BED-42C4-800F-37923F9D24C7} URL = http://searchou.com/?q={searchTerms}&id ... d775f&r=98
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb139/?se ... rRqv6&i=26
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... id=3206&q={searchTerms}
SearchScopes: HKCU - {FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} URL = http://www.etypestart.com/s/?q={searchT ... rer:source}
BHO: No Name - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
Toolbar: HKLM - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
FF Homepage: hxxp://www.search.ask.com/?p2=%5EAKM%5E ... 06-24&psv=
FF SearchEngineOrder.1: Ask Search
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc= ... 6&tsp=4933
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Ask Search
FF Plugin: @microsoft.com/GENUINE - disabled No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Tady je tedy log po fixnutí:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by DOMAPC at 2013-12-01 11:16:18 Run:1
Running from C:\Users\DOMAPC\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKCU\...\Run: [Facebook Update] - C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook Inc.)
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =643145241
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=CZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=3206
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2776682
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - AA8F05285C55412591516BF59E2BDC4B URL = http://mixidj.delta-search.com/?q={sear ... 6&tsp=4933
SearchScopes: HKCU - {048C1097-4B87-4BBB-A85C-5DC6C93FB001} URL = http://search.softonic.com/INF00176/tb_ ... 775f&r=252
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKCU - {10FFEE2F-2789-418B-9497-F03B488F95DE} URL = http://mp3tubetoolbar.com/?tmp=toolbar_ ... &Keywords={searchTerms}&clid=f8e3dcb61a834c4f8d48ffef97fcc2c1
SearchScopes: HKCU - {19AEADAE-08A9-41B6-B619-7F492455E5FE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKCU - {8172f457-818d-46db-941f-2bbe53e156af} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - {BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {CADF03C6-9BED-42C4-800F-37923F9D24C7} URL = http://searchou.com/?q={searchTerms}&id ... d775f&r=98
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb139/?se ... rRqv6&i=26
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... id=3206&q={searchTerms}
SearchScopes: HKCU - {FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} URL = http://www.etypestart.com/s/?q={searchT ... rer:source}
BHO: No Name - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
Toolbar: HKLM - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
FF Homepage: hxxp://www.search.ask.com/?p2=%5EAKM%5E ... 06-24&psv=
FF SearchEngineOrder.1: Ask Search
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc= ... 6&tsp=4933
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Ask Search
FF Plugin: @microsoft.com/GENUINE - disabled No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
End
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Default_Page_URL => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\AA8F05285C55412591516BF59E2BDC4B => Key deleted successfully.
HKCR\CLSID\AA8F05285C55412591516BF59E2BDC4B => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{048C1097-4B87-4BBB-A85C-5DC6C93FB001} => Key deleted successfully.
HKCR\CLSID\{048C1097-4B87-4BBB-A85C-5DC6C93FB001} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key deleted successfully.
HKCR\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{10FFEE2F-2789-418B-9497-F03B488F95DE} => Key deleted successfully.
HKCR\CLSID\{10FFEE2F-2789-418B-9497-F03B488F95DE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{19AEADAE-08A9-41B6-B619-7F492455E5FE} => Key deleted successfully.
HKCR\CLSID\{19AEADAE-08A9-41B6-B619-7F492455E5FE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key deleted successfully.
HKCR\CLSID\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af} => Key deleted successfully.
HKCR\CLSID\{8172f457-818d-46db-941f-2bbe53e156af} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} => Key deleted successfully.
HKCR\CLSID\{BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CADF03C6-9BED-42C4-800F-37923F9D24C7} => Key deleted successfully.
HKCR\CLSID\{CADF03C6-9BED-42C4-800F-37923F9D24C7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} => Key deleted successfully.
HKCR\CLSID\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} => Key deleted successfully.
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{91397D20-1446-11D4-8AF4-0040CA1127B6} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{91397D20-1446-11D4-8AF4-0040CA1127B6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545534-0076-A76A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545533-2D53-4154-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41545533-2D53-4154-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} => Value deleted successfully.
HKCR\CLSID\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} => Value deleted successfully.
HKCR\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545534-0076-A76A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545533-2D53-4154-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41545533-2D53-4154-00A7-7A786E7484D7} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{807563E5-5146-11D5-A672-00B0D022E945} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key not found.
Firefox homepage deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.3 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => Moved successfully.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by DOMAPC at 2013-12-01 11:16:18 Run:1
Running from C:\Users\DOMAPC\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKCU\...\Run: [Facebook Update] - C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-15] (Facebook Inc.)
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =643145241
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=CZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=3206
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchya.com/?q={searchTerms ... =643145241
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2776682
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - AA8F05285C55412591516BF59E2BDC4B URL = http://mixidj.delta-search.com/?q={sear ... 6&tsp=4933
SearchScopes: HKCU - {048C1097-4B87-4BBB-A85C-5DC6C93FB001} URL = http://search.softonic.com/INF00176/tb_ ... 775f&r=252
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKCU - {10FFEE2F-2789-418B-9497-F03B488F95DE} URL = http://mp3tubetoolbar.com/?tmp=toolbar_ ... &Keywords={searchTerms}&clid=f8e3dcb61a834c4f8d48ffef97fcc2c1
SearchScopes: HKCU - {19AEADAE-08A9-41B6-B619-7F492455E5FE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {72DF08E1-A341-44AA-801A-D6FAA41388F7} URL = http://search.sweetim.com/search.asp?sr ... 0&st=18&q={searchTerms}&barid={79389567-E061-11E0-814C-90E6BA0D775F}
SearchScopes: HKCU - {8172f457-818d-46db-941f-2bbe53e156af} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q ... g=EN&cc=CZ
SearchScopes: HKCU - {BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {CADF03C6-9BED-42C4-800F-37923F9D24C7} URL = http://searchou.com/?q={searchTerms}&id ... d775f&r=98
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb139/?se ... rRqv6&i=26
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... id=3206&q={searchTerms}
SearchScopes: HKCU - {FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} URL = http://www.etypestart.com/s/?q={searchT ... rer:source}
BHO: No Name - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
Toolbar: HKLM - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - !{91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {41545533-2D53-4154-00A7-7A786E7484D7} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
FF Homepage: hxxp://www.search.ask.com/?p2=%5EAKM%5E ... 06-24&psv=
FF SearchEngineOrder.1: Ask Search
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc= ... 6&tsp=4933
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Ask Search
FF Plugin: @microsoft.com/GENUINE - disabled No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => C:\Users\DOMAPC\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
End
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Default_Page_URL => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{659E0D8C-A6FD-52CA-4D96-1C5DBAC3A87A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\AA8F05285C55412591516BF59E2BDC4B => Key deleted successfully.
HKCR\CLSID\AA8F05285C55412591516BF59E2BDC4B => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{048C1097-4B87-4BBB-A85C-5DC6C93FB001} => Key deleted successfully.
HKCR\CLSID\{048C1097-4B87-4BBB-A85C-5DC6C93FB001} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key deleted successfully.
HKCR\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{10FFEE2F-2789-418B-9497-F03B488F95DE} => Key deleted successfully.
HKCR\CLSID\{10FFEE2F-2789-418B-9497-F03B488F95DE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{19AEADAE-08A9-41B6-B619-7F492455E5FE} => Key deleted successfully.
HKCR\CLSID\{19AEADAE-08A9-41B6-B619-7F492455E5FE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key deleted successfully.
HKCR\CLSID\{72DF08E1-A341-44AA-801A-D6FAA41388F7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af} => Key deleted successfully.
HKCR\CLSID\{8172f457-818d-46db-941f-2bbe53e156af} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} => Key deleted successfully.
HKCR\CLSID\{BC88A8ED-DEB6-4682-999C-7EEFA1CA7C26} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CADF03C6-9BED-42C4-800F-37923F9D24C7} => Key deleted successfully.
HKCR\CLSID\{CADF03C6-9BED-42C4-800F-37923F9D24C7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} => Key deleted successfully.
HKCR\CLSID\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} => Key deleted successfully.
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{91397D20-1446-11D4-8AF4-0040CA1127B6} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{91397D20-1446-11D4-8AF4-0040CA1127B6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545534-0076-A76A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41545533-2D53-4154-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41545533-2D53-4154-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} => Value deleted successfully.
HKCR\CLSID\{08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} => Value deleted successfully.
HKCR\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545534-0076-A76A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545533-2D53-4154-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41545533-2D53-4154-00A7-7A786E7484D7} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{807563E5-5146-11D5-A672-00B0D022E945} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key not found.
Firefox homepage deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.3 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
C:\Users\DOMAPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195039941-2980066749-1374615665-1000UA.job => Moved successfully.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Bohužel, ne. Nejdříve bez restartu a pak i s restartováním PC a po spuštění google chrome je zase startovací stránka (http://search.certified-toolbar.com/?si ... e&tid=3206) i když je nastavená stránka seznam.cz
Asi jsem kopyto, nebo nevím.
Asi jsem kopyto, nebo nevím.
Re: Prosím o kontrolu logu
Pro jistotu jsem teď z fora stahnul Adwcleaner, spustil jsem scan a následně vymazal, počítač se pak resetnul a níže zasílám výpis logu. Teď již chrome pracuje jak má. Díky za spolupráci.
Snad to bude již v pořádku:
# AdwCleaner v3.003 - Report created 01/12/2013 at 13:00:04
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : DOMAPC - KONKON
# Running from : C:\Users\DOMAPC\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\ADDICT-THING
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADDICT-THING
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\DOMAPC\AppData\Local\cre
Folder Deleted : C:\Users\DOMAPC\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\DOMAPC\AppData\LocalLow\ADDICT-THING
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\Systweak
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\50545c643d139@50545c643d172.com
Folder Deleted : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfibbdiamcijedpdjiadlbiphobmogk
Folder Deleted : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\\invalidprefs.js
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\ask-search.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\Babylon.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\search-here.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\softonic.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\user.js
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\DOMAPC\Desktop\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Zoner Photo Studio 13 x64.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Zoner Photo Studio 13.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk
***** [ Registry ] *****
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kbfibbdiamcijedpdjiadlbiphobmogk
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_crysis_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_crysis_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12 (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12 (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypercam_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypercam_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-wallpaper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-wallpaper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_naild_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_naild_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pes-2012_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pes-2012_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_uk-truck-simulator_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_uk-truck-simulator_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\QuestBasic
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{71277DC4-4217-462A-9FF4-62D7815B2C69}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Mozilla Firefox v20.0.1 (cs)
[ File : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\prefs.js ]
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BrotherSoft Extreme Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.pu-results.info/?pid=726&r=2013/04/13&hid=2670627281&lg=EN&cc=CZ&l=1&q=");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3031607&SearchSource=13,hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "SFT_eng7 Customized Web Search,BrotherSoft Extreme Customized Web Search");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108602&tt=171011_prot~171011_prot");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15437");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:45:39");
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar_i.did", "10650");
Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15545");
Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
Line Deleted : user_pref("extensions.incredibar_i.ppd", "20%5F5");
Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8zWrRqv6&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar_i.upn2", "6R8zWrRqv6");
Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92824759346074488");
Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1410:00:30");
Line Deleted : user_pref("extensions.privitize.hpOld0", "hxxp://websearch.pu-results.info/?pid=726&r=2013/04/13&hid=2670627281&lg=EN&cc=CZ");
Line Deleted : user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
Line Deleted : user_pref("extensions.searchya.aflt", "foxtab");
Line Deleted : user_pref("extensions.searchya.autoRvrt", false);
Line Deleted : user_pref("extensions.searchya.dfltLng", "");
Line Deleted : user_pref("extensions.searchya.dfltSrch", true);
Line Deleted : user_pref("extensions.searchya.dnsErr", true);
Line Deleted : user_pref("extensions.searchya.envrmnt", "production");
Line Deleted : user_pref("extensions.searchya.excTlbr", false);
Line Deleted : user_pref("extensions.searchya.hmpg", true);
Line Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =643145241")[...]
Line Deleted : user_pref("extensions.searchya.id", "90E6BA0D775F0173");
Line Deleted : user_pref("extensions.searchya.instlDay", "15540");
Line Deleted : user_pref("extensions.searchya.instlRef", "tc-100");
Line Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
Line Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =643145241[...]
Line Deleted : user_pref("extensions.searchya.prdct", "searchya");
Line Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
Line Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.searchya.tlbrId", "base");
Line Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=tc- ... cr=6431452[...]
Line Deleted : user_pref("extensions.searchya.vrsn", "1.5.20.0");
Line Deleted : user_pref("extensions.searchya.vrsni", "1.5.20.0");
Line Deleted : user_pref("extensions.searchya_i.newTab", true);
Line Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
Line Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.20.012:13:28");
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=E27190E6BA0D775F");
Line Deleted : user_pref("extensions.Softonic.id", "e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.instlDay", "15879");
Line Deleted : user_pref("extensions.Softonic.instlRef", "INF00176");
Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=e271ee3300000000000090e6ba0d775f&q=");
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=e271ee3300000000000090e6ba0d775f&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.19.311:59:43");
Line Deleted : user_pref("extensions.softonic_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.softonic_i.dfltLng", "");
Line Deleted : user_pref("extensions.softonic_i.dfltSrch", true);
Line Deleted : user_pref("extensions.softonic_i.dnsErr", true);
Line Deleted : user_pref("extensions.softonic_i.excTlbr", false);
Line Deleted : user_pref("extensions.softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.softonic_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.softonic_i.instlDay", "15431");
Line Deleted : user_pref("extensions.softonic_i.instlRef", "MON00001");
Line Deleted : user_pref("extensions.softonic_i.keyWordUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.softonic_i.newTab", false);
Line Deleted : user_pref("extensions.softonic_i.newTabUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.softonic_i.prdct", "softonic");
Line Deleted : user_pref("extensions.softonic_i.prtnrId", "softonic");
Line Deleted : user_pref("extensions.softonic_i.smplGrp", "eng7");
Line Deleted : user_pref("extensions.softonic_i.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.softonic_i.tlbrId", "eng7");
Line Deleted : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Line Deleted : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Line Deleted : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.514:45:29");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "ezLooker,pagerage,buzzdock,toprelatedtopics,twittube");
Line Deleted : user_pref("extentions.y2layers.installId", "70f68f42-6b7d-43b6-bc04-c634a01e33c1");
-\\ Google Chrome v
[ File : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [28822 octets] - [01/12/2013 12:59:08]
AdwCleaner[S0].txt - [26748 octets] - [01/12/2013 13:00:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26809 octets] ##########
Snad to bude již v pořádku:
# AdwCleaner v3.003 - Report created 01/12/2013 at 13:00:04
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : DOMAPC - KONKON
# Running from : C:\Users\DOMAPC\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\ADDICT-THING
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADDICT-THING
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\DOMAPC\AppData\Local\cre
Folder Deleted : C:\Users\DOMAPC\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\DOMAPC\AppData\LocalLow\ADDICT-THING
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\Systweak
Folder Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\50545c643d139@50545c643d172.com
Folder Deleted : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfibbdiamcijedpdjiadlbiphobmogk
Folder Deleted : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\\invalidprefs.js
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\ask-search.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\Babylon.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\search-here.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\searchplugins\softonic.xml
File Deleted : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\user.js
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\DOMAPC\Desktop\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Zoner Photo Studio 13 x64.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Zoner Photo Studio 13.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
Shortcut Disinfected : C:\Users\DOMAPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk
***** [ Registry ] *****
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kbfibbdiamcijedpdjiadlbiphobmogk
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_crysis_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_crysis_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12 (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12 (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_gta-iv-san-andreas_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypercam_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypercam_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-wallpaper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-wallpaper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_naild_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_naild_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pes-2012_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pes-2012_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_uk-truck-simulator_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_uk-truck-simulator_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\QuestBasic
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{71277DC4-4217-462A-9FF4-62D7815B2C69}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Mozilla Firefox v20.0.1 (cs)
[ File : C:\Users\DOMAPC\AppData\Roaming\Mozilla\Firefox\Profiles\vm8ttgar.default\prefs.js ]
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BrotherSoft Extreme Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.pu-results.info/?pid=726&r=2013/04/13&hid=2670627281&lg=EN&cc=CZ&l=1&q=");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3031607&SearchSource=13,hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "SFT_eng7 Customized Web Search,BrotherSoft Extreme Customized Web Search");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108602&tt=171011_prot~171011_prot");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15437");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:45:39");
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar_i.did", "10650");
Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15545");
Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
Line Deleted : user_pref("extensions.incredibar_i.ppd", "20%5F5");
Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8zWrRqv6&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar_i.upn2", "6R8zWrRqv6");
Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92824759346074488");
Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1410:00:30");
Line Deleted : user_pref("extensions.privitize.hpOld0", "hxxp://websearch.pu-results.info/?pid=726&r=2013/04/13&hid=2670627281&lg=EN&cc=CZ");
Line Deleted : user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
Line Deleted : user_pref("extensions.searchya.aflt", "foxtab");
Line Deleted : user_pref("extensions.searchya.autoRvrt", false);
Line Deleted : user_pref("extensions.searchya.dfltLng", "");
Line Deleted : user_pref("extensions.searchya.dfltSrch", true);
Line Deleted : user_pref("extensions.searchya.dnsErr", true);
Line Deleted : user_pref("extensions.searchya.envrmnt", "production");
Line Deleted : user_pref("extensions.searchya.excTlbr", false);
Line Deleted : user_pref("extensions.searchya.hmpg", true);
Line Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... =643145241")[...]
Line Deleted : user_pref("extensions.searchya.id", "90E6BA0D775F0173");
Line Deleted : user_pref("extensions.searchya.instlDay", "15540");
Line Deleted : user_pref("extensions.searchya.instlRef", "tc-100");
Line Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
Line Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =643145241[...]
Line Deleted : user_pref("extensions.searchya.prdct", "searchya");
Line Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
Line Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.searchya.tlbrId", "base");
Line Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=tc- ... cr=6431452[...]
Line Deleted : user_pref("extensions.searchya.vrsn", "1.5.20.0");
Line Deleted : user_pref("extensions.searchya.vrsni", "1.5.20.0");
Line Deleted : user_pref("extensions.searchya_i.newTab", true);
Line Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
Line Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.20.012:13:28");
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=E27190E6BA0D775F");
Line Deleted : user_pref("extensions.Softonic.id", "e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.instlDay", "15879");
Line Deleted : user_pref("extensions.Softonic.instlRef", "INF00176");
Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=e271ee3300000000000090e6ba0d775f&q=");
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=e271ee3300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=e271ee3300000000000090e6ba0d775f&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.19.311:59:43");
Line Deleted : user_pref("extensions.softonic_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.softonic_i.dfltLng", "");
Line Deleted : user_pref("extensions.softonic_i.dfltSrch", true);
Line Deleted : user_pref("extensions.softonic_i.dnsErr", true);
Line Deleted : user_pref("extensions.softonic_i.excTlbr", false);
Line Deleted : user_pref("extensions.softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.softonic_i.id", "b805017300000000000090e6ba0d775f");
Line Deleted : user_pref("extensions.softonic_i.instlDay", "15431");
Line Deleted : user_pref("extensions.softonic_i.instlRef", "MON00001");
Line Deleted : user_pref("extensions.softonic_i.keyWordUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.softonic_i.newTab", false);
Line Deleted : user_pref("extensions.softonic_i.newTabUrl", "hxxp://search.softonic.com/MON00005/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.softonic_i.prdct", "softonic");
Line Deleted : user_pref("extensions.softonic_i.prtnrId", "softonic");
Line Deleted : user_pref("extensions.softonic_i.smplGrp", "eng7");
Line Deleted : user_pref("extensions.softonic_i.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.softonic_i.tlbrId", "eng7");
Line Deleted : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Line Deleted : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Line Deleted : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.514:45:29");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "ezLooker,pagerage,buzzdock,toprelatedtopics,twittube");
Line Deleted : user_pref("extentions.y2layers.installId", "70f68f42-6b7d-43b6-bc04-c634a01e33c1");
-\\ Google Chrome v
[ File : C:\Users\DOMAPC\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [28822 octets] - [01/12/2013 12:59:08]
AdwCleaner[S0].txt - [26748 octets] - [01/12/2013 13:00:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26809 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Doufám, že ano. Případně se ozvěte. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?