Prosím o kontrolu logu

Zpráva

Jan55 · #1 Příspěvek od **Jan55** » 16 led 2014 22:44

Logfile of random's system information tool 1.09 (written by random/random)
Run by Cenek at 2014-01-16 22:32:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 3037 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:06, on 16.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Frag Games\GPlayer.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cenek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TBSB05810 - {A7AF277D-1466-4A7B-93AF-B043984A5671} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [Exetender] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\bandoo\bndhook.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12999 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2b4
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {05FC9AB3-16DE-40A5-929D-F218C6FF8AA0}
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f72a3e22-d976-467d-8281-264b80fbfbf6 -SystemEventPortName:HostProcess-25804e9e-8e05-41fc-a314-17cae19c742f -IoCancelEventPortName:HostProcess-3b6a827b-0b4a-48a1-ab4d-3dedab1c4d58 -NonStateChangingEventPortName:HostProcess-991347c5-3fe6-404c-81b6-814d434ae448 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:56c0106e-4c3d-4dda-bd13-0a3982b9e48a
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
taskeng.exe {6316EE7C-5AC5-4637-9E37-E29F710EC13B}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\Explorer.EXE
adb fork-server server
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3132.0.497559465\1463831126" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="3132.1.390118645\1507239168" /prefetch:673131151
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="3132.2.729807283\97211194" /prefetch:673131151
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3132.5.527598425\505637557" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="3132.6.1717709963\2044141110" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Cenek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000UA.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default

prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT32204 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, firefox@bandoo.com:5.0, {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0, {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {74c841e3-b59f-479e-8d7a-e26a942a87c8}:3.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 727&UM=&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@winzip.com/Winzip Courier]
"Description"=WinZip Courier Plugin for Mozilla Firefox
"Path"=C:\Program Files (x86)\WinZip Courier\npwzwmc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
BearShareWebSearch.xml
glarysearch.xml
mall-cz.xml
SearchquWebSearch.xml

C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\extensions\
firefox@bandoo.com
{55C81E27-A6E2-40AB-B96F-D7107755F451}
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
{7FF99715-3016-4381-84CE-E4E4C9673020}
{800b5000-a755-47e1-992b-48a1c1357f07}
{E84D42CA-64EB-11DE-A65F-8C3656D89593}

C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\
badoo.xml
BearShareWebSearch.xml
bingp.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
SearchquWebSearch.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}]
Searchqu Toolbar - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll [2010-02-10 87488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7AF277D-1466-4A7B-93AF-B043984A5671}]
TBSB05810 Class - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-07-31 2669408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8FB70FA-0FDF-4601-9DC4-BFA1B357204F}]
WinZip Courier BHO - C:\PROGRA~2\WINZIP~1\wzwmcie.dll [2011-10-21 356168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll [2010-09-20 2194944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]
{7FF99715-3016-4381-84CE-E4E4C9673020} - Searchqu Toolbar - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll [2010-02-10 87488]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{32D47EA5-9473-4CAD-805D-9999F15D5AE2} - Glarysoft Toolbar - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll [2012-07-31 2669408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"=C:\Program Files (x86)\Frag Games\GPlayer.exe [2010-05-17 2113536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [2012-12-24 1067232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Cenek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-14 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Cenek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files (x86)\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-10-21 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Cenek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\Cenek\AppData\Local\Facebook\MESSEN~1\214814~1.0\FACEBO~1.EXE [2013-03-07 248240]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2010-06-07 111928]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-21 72248]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-21 3054136]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2014-01-16 22:32:01 ----D---- C:\rsit
2014-01-16 22:32:01 ----D---- C:\Program Files\trend micro
2014-01-16 19:15:15 ----D---- C:\Program Files\CCleaner
2014-01-16 19:11:57 ----D---- C:\Windows\pss
2014-01-16 18:35:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-01-16 18:35:08 ----A---- C:\Windows\system32\ieui.dll
2014-01-16 18:35:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-01-16 18:35:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-01-16 18:35:06 ----A---- C:\Windows\system32\jsproxy.dll
2014-01-16 18:35:06 ----A---- C:\Windows\system32\ieUnatt.exe
2014-01-16 18:35:06 ----A---- C:\Windows\system32\ie4uinit.exe
2014-01-16 18:35:05 ----A---- C:\Windows\system32\iernonce.dll
2014-01-16 18:35:04 ----A---- C:\Windows\system32\iesetup.dll
2014-01-16 18:35:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-01-16 18:35:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-01-16 18:35:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-01-16 18:35:02 ----A---- C:\Windows\system32\mshtml.dll
2014-01-16 18:35:02 ----A---- C:\Windows\system32\jscript9diag.dll
2014-01-16 18:35:02 ----A---- C:\Windows\system32\ieapfltr.dll
2014-01-16 18:35:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-01-16 18:35:00 ----A---- C:\Windows\system32\iertutil.dll
2014-01-16 18:34:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-01-16 18:34:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-01-16 18:34:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-01-16 18:34:57 ----A---- C:\Windows\system32\wininet.dll
2014-01-16 18:34:57 ----A---- C:\Windows\system32\urlmon.dll
2014-01-16 18:34:55 ----A---- C:\Windows\system32\ieframe.dll
2014-01-16 18:34:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-01-16 18:34:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-01-16 18:34:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-01-16 18:34:47 ----A---- C:\Windows\system32\jscript9.dll
2014-01-07 07:26:41 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-01-07 07:22:02 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-01-07 07:22:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-07 07:21:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-01-07 07:21:49 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-01-07 07:21:49 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-01-07 07:21:49 ----A---- C:\Windows\system32\elshyph.dll
2014-01-07 07:21:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-01-07 07:21:48 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-01-07 07:21:47 ----A---- C:\Windows\SYSWOW64\url.dll
2014-01-07 07:21:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-01-07 07:21:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-01-07 07:21:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-01-07 07:21:47 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-01-07 07:21:46 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-01-07 07:21:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-01-07 07:21:44 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-01-07 07:21:44 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-01-07 07:21:44 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-01-07 07:21:44 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-01-07 07:21:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-07 07:21:43 ----A---- C:\Windows\system32\jsIntl.dll
2014-01-07 07:21:42 ----A---- C:\Windows\system32\msrating.dll
2014-01-07 07:21:42 ----A---- C:\Windows\system32\msls31.dll
2014-01-07 07:21:42 ----A---- C:\Windows\system32\msfeedssync.exe
2014-01-07 07:21:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-01-07 07:21:41 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-01-07 07:21:41 ----A---- C:\Windows\system32\mshtmler.dll
2014-01-07 07:21:41 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-07 07:21:41 ----A---- C:\Windows\system32\iesysprep.dll
2014-01-07 07:21:41 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\url.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\iedkcs32.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\ieapfltr.dat
2014-01-07 07:21:40 ----A---- C:\Windows\system32\icardie.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\dxtrans.dll
2014-01-07 07:21:40 ----A---- C:\Windows\system32\dxtmsft.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\wextract.exe
2014-01-07 07:21:39 ----A---- C:\Windows\system32\webcheck.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\vbscript.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\mshtmled.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\msfeeds.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\licmgr10.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\inseng.dll
2014-01-07 07:21:39 ----A---- C:\Windows\system32\iexpress.exe
2014-01-07 07:21:38 ----A---- C:\Windows\system32\pngfilt.dll
2014-01-07 07:21:38 ----A---- C:\Windows\system32\occache.dll
2014-01-07 07:21:38 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-01-07 07:21:38 ----A---- C:\Windows\system32\mshta.exe
2014-01-07 07:21:38 ----A---- C:\Windows\system32\jscript.dll
2014-01-07 07:21:38 ----A---- C:\Windows\system32\imgutil.dll
2014-01-07 07:21:38 ----A---- C:\Windows\system32\iepeers.dll
2014-01-07 07:19:46 ----A---- C:\Windows\system32\wow64.dll
2014-01-07 07:19:45 ----A---- C:\Windows\system32\tdh.dll
2014-01-07 07:19:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-01-07 07:19:45 ----A---- C:\Windows\system32\ntdll.dll
2014-01-07 07:19:45 ----A---- C:\Windows\system32\advapi32.dll
2014-01-07 07:19:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-01-07 07:19:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\user.exe
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-01-07 07:19:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-01-07 07:19:15 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-01-07 07:19:15 ----A---- C:\Windows\system32\mswsock.dll
2014-01-07 07:19:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-01-07 07:19:02 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-01-07 07:19:02 ----A---- C:\Windows\system32\d3d11.dll

======List of files/folders modified in the last 1 month======

2014-01-16 22:32:01 ----RD---- C:\Program Files
2014-01-16 22:30:11 ----D---- C:\Windows\Temp
2014-01-16 22:28:34 ----D---- C:\Windows\system32\config
2014-01-16 22:27:58 ----HD---- C:\ProgramData
2014-01-16 22:26:46 ----SHD---- C:\Windows\Installer
2014-01-16 22:26:34 ----A---- C:\Windows\system32\acovcnt.exe
2014-01-16 19:46:04 ----D---- C:\Windows\system32\drivers
2014-01-16 19:46:00 ----D---- C:\Windows\system32\DriverStore
2014-01-16 19:46:00 ----D---- C:\Windows\system32\catroot
2014-01-16 19:46:00 ----D---- C:\Windows\inf
2014-01-16 19:42:45 ----D---- C:\Windows\system32\drivers\etc
2014-01-16 19:23:39 ----RD---- C:\Program Files (x86)
2014-01-16 19:22:25 ----D---- C:\Users\Cenek\AppData\Roaming\Skype
2014-01-16 19:21:37 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-16 19:15:19 ----D---- C:\Windows\system32\Tasks
2014-01-16 19:11:57 ----D---- C:\Windows
2014-01-16 19:03:32 ----D---- C:\Windows\system32\catroot2
2014-01-16 18:43:05 ----HD---- C:\asus.dat
2014-01-16 18:41:23 ----D---- C:\Windows\winsxs
2014-01-16 18:39:18 ----D---- C:\Program Files\Internet Explorer
2014-01-16 18:39:18 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-16 18:39:16 ----D---- C:\Windows\SysWOW64
2014-01-16 18:39:14 ----D---- C:\Windows\System32
2014-01-16 18:34:26 ----SHD---- C:\System Volume Information
2014-01-11 10:49:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-11 10:44:40 ----D---- C:\Windows\Prefetch
2014-01-11 10:40:13 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-01-11 10:40:12 ----D---- C:\Windows\system32\cs-CZ
2014-01-11 10:40:06 ----D---- C:\Windows\SYSWOW64\migration
2014-01-11 10:40:05 ----D---- C:\Windows\SYSWOW64\en-US
2014-01-11 10:40:00 ----D---- C:\Windows\PolicyDefinitions
2014-01-11 10:39:59 ----D---- C:\Windows\system32\migration
2014-01-11 10:39:59 ----D---- C:\Windows\system32\en-US
2014-01-11 10:39:52 ----D---- C:\Windows\AppPatch
2014-01-07 07:26:41 ----D---- C:\Windows\Logs
2013-12-31 05:55:33 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-18 834544]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 X5XSEx_Pr298;X5XSEx_Pr298; \??\C:\Program Files (x86)\Frag Games\X5XSEx.Sys [2010-03-10 55328]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 as2h61to;as2h61to; C:\Windows\system32\drivers\as2h61to.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-09-15 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-09-15 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-09-15 8704]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-09-15 8704]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-09-03 87368]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-07 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-14 1255736]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 led 2014 23:39

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Jan55 · #3 Příspěvek od **Jan55** » 16 led 2014 23:51

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Cenek on źt 16.01.2014 at 23:41:13,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FF99715-3016-4381-84CE-E4E4C9673020}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.bandoocoordinator
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.bandoocoordinator.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.coordinatorui
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.coordinatorui.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.httpasyncresult
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.httpasyncresult.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.pluginnotifier
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.pluginnotifier.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.bandoocore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.bandoocore.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.resourcesmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.resourcesmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.settingsmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.settingsmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.statisticmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.statisticmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandooieplugin.bandooieplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandooieplugin.bandooieplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bflashanimator.bflashanimatorctrl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bflashanimator.bflashanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bgifanimator.bgifanimatorctrl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bgifanimator.bgifanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocoordinator.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocore.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\flashanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imweb.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\nctaudiocdgrabber2.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\wmhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C29CF951-7F4F-4B8D-ACA8-C4EE934C27DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3282754562-3471533169-2828672972-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08ed8855-4c2e-429b-a878-f129e1f624fa}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a6cc2ca2-2779-4f10-88bf-a3c9eb874c24}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.TBSB05810
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.TBSB05810.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB05810
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB05810.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.TBSB05810
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.TBSB05810.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB05810
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB05810.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bandoo"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\searchqutb"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\bandoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\glarysoft toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\your product"
Failed to delete: [Folder] "C:\Program Files (x86)\yourfiledownloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bandoo"

~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchquwebsearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchquwebsearch.xml"
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\bearsharewebsearch.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\searchquwebsearch.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\smartbar
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\firefox@bandoo.com
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\firefox@bandoo.com
Successfully deleted the following from C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\prefs.js

user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM2MDE4NTUzNCwidXVpZCI6MjY2ODk3NDc0NjE1ODM2LCJzZXFfaWQiOjU4LCJzc2IiOjEzNTE4OTQ2NzZ9");
user_pref("CT3220468.BT_Usage.enc", "eyJ1dWlkIjoyNjY4OTc0NzQ2MTU4MzYsInNlcV9pZCI6MX0=");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
user_pref("CT3220468.UserID", "UN14171381608701727");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cb_experience_000.enc", "MjA=");
user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");
user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
user_pref("CT3220468.cbfirsttime.enc", "RnJpIE5vdiAwMiAyMDEyIDIzOjE3OjU1IEdNVCswMTAw");
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableFix404ByUser", "FALSE");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN14171381608701727.UP.20130824182121");
user_pref("CT3220468.hxxp___toolbar_utorrent_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsc2F2ZXJlc2l6ZWRzaXplPTAsdGl0bGViYXI9MCxjbG9zZW9uZXh0ZXJuYWxjbGljaz0xLHNhdmVsb2NhdGlvbj
user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc
user_pref("CT3220468.installId", "fft8325.tmp.exe");
user_pref("CT3220468.installType", "XPE");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN1417138160870172
user_pref("CT3220468.lastVersion", "10.16.70.505");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Flp.sweetim.com%2FSweetPacksBundleUninstaller%2F\",\"EB_MAIN_FRAME_T
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "FALSE");
user_pref("CT3220468.originalHomepage", "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=051113&q=");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "0");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "true");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359918942167");
user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1352779997835");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1360262461271");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359806436181");
user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1373480924765");
user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353259496676");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358520437722");
user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364328502944");
user_pref("CT3220468.serviceLayer_services_login_10.14.40.128_lastUpdate", "1360342694165");
user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362828703989");
user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1367266064182");
user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373590424093");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359806437565");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1360185609531");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1373569638037");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359806437038");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1373693718424");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1373569640295");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.isHidden", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.toolbarBornServerTime", "3-11-2012");
user_pref("CT3220468.toolbarCurrentServerTime", "12-7-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Sat Mar 16 2013 08:31:13 GMT+0100");
user_pref("CT3220468.upgradeFromClearSBVersion", true);
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL2JhZG9vLmNvbS9jb25uZWN0aW9ucy9tZXNzYWdlLzI5NDAyNjk0NC86OjpjbGlja2hhbmRsZXI6OjoxMzYwMjY2OTY1OTQzLCwsaHR0cDovL2JhZG9vLmNvbS9
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1389895605034,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?affID=114435&tt=3812_2&babsrc=KW_ss&mntrId=0a6ffe2b0000000000000625d3bd29f7&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.newtab.url", "hxxp://www.claro-search.com/?affID=116198&tt=4 ... 25d3bd29f7");
user_pref("browser.search.defaultenginename", "uTorrentControl_v2 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
user_pref("browser.search.order.1", "Claro Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=116198&tt=4 ... 25d3bd29f7");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN14171381608701727&UM=&q=");
user_pref("smartBar.searchInNewTabOwner", "CT3220468");
user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT
user_pref("smartbar.homePageOwnerCTID", "CT3220468");
user_pref("smartbar.machineId", "PCNAO4TMV29XFJ13VS3E/BWGT9HJVAOLDS2VSU46XPJPQTFBBEZF8WSB7LUEGKB/ALRURRAR6V3EGHC00WGMHA");
user_pref("smartbar.originalHomepage", "hxxp://isearch.glarysoft.com/?src=ffhome");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.sweetim.com/search.asp?barid={148E3D2E-BF14-4A2F-BD5E-38729EC8338B}&src=2&q=");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.cda.returnValue", "none");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "false");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.seznam.cz");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.2.callback", "");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{148E3D2E-BF14-4A2F-BD5E-38729EC8338B}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
user_pref("sweetim.toolbar.version", "1.9.0.0");

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Cenek\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 16.01.2014 at 23:50:41,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jan55 · #4 Příspěvek od **Jan55** » 16 led 2014 23:51

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Cenek on źt 16.01.2014 at 23:41:13,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FF99715-3016-4381-84CE-E4E4C9673020}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.bandoocoordinator
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.bandoocoordinator.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.coordinatorui
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.coordinatorui.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.httpasyncresult
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.httpasyncresult.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.pluginnotifier
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocoordinator.pluginnotifier.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.bandoocore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.bandoocore.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.resourcesmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.resourcesmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.settingsmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.settingsmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.statisticmngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandoocore.statisticmngr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandooieplugin.bandooieplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bandooieplugin.bandooieplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bflashanimator.bflashanimatorctrl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bflashanimator.bflashanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bgifanimator.bgifanimatorctrl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\bgifanimator.bgifanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocoordinator.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocore.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\flashanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imweb.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\nctaudiocdgrabber2.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\wmhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C29CF951-7F4F-4B8D-ACA8-C4EE934C27DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3282754562-3471533169-2828672972-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08ed8855-4c2e-429b-a878-f129e1f624fa}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a6cc2ca2-2779-4f10-88bf-a3c9eb874c24}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.TBSB05810
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB05810.TBSB05810.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB05810
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB05810.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.TBSB05810
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB05810.TBSB05810.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB05810
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB05810.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bandoo"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\Cenek\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\searchqutb"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\Cenek\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\bandoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\glarysoft toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\your product"
Failed to delete: [Folder] "C:\Program Files (x86)\yourfiledownloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bandoo"

~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchquwebsearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchquwebsearch.xml"
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\bearsharewebsearch.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\searchquwebsearch.xml
Successfully deleted: [File] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\smartbar
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\firefox@bandoo.com
Successfully deleted: [Folder] C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\firefox@bandoo.com
Successfully deleted the following from C:\Users\Cenek\AppData\Roaming\mozilla\firefox\profiles\8p29u3y2.default\prefs.js

user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM2MDE4NTUzNCwidXVpZCI6MjY2ODk3NDc0NjE1ODM2LCJzZXFfaWQiOjU4LCJzc2IiOjEzNTE4OTQ2NzZ9");
user_pref("CT3220468.BT_Usage.enc", "eyJ1dWlkIjoyNjY4OTc0NzQ2MTU4MzYsInNlcV9pZCI6MX0=");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
user_pref("CT3220468.UserID", "UN14171381608701727");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cb_experience_000.enc", "MjA=");
user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");
user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
user_pref("CT3220468.cbfirsttime.enc", "RnJpIE5vdiAwMiAyMDEyIDIzOjE3OjU1IEdNVCswMTAw");
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableFix404ByUser", "FALSE");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN14171381608701727.UP.20130824182121");
user_pref("CT3220468.hxxp___toolbar_utorrent_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsc2F2ZXJlc2l6ZWRzaXplPTAsdGl0bGViYXI9MCxjbG9zZW9uZXh0ZXJuYWxjbGljaz0xLHNhdmVsb2NhdGlvbj
user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc
user_pref("CT3220468.installId", "fft8325.tmp.exe");
user_pref("CT3220468.installType", "XPE");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN1417138160870172
user_pref("CT3220468.lastVersion", "10.16.70.505");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Flp.sweetim.com%2FSweetPacksBundleUninstaller%2F\",\"EB_MAIN_FRAME_T
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "FALSE");
user_pref("CT3220468.originalHomepage", "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=051113&q=");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "0");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "true");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359918942167");
user_pref("CT3220468.serviceLayer_services_appTracking_lastUpdate", "1352779997835");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1360262461271");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359806436181");
user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1373480924765");
user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353259496676");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358520437722");
user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364328502944");
user_pref("CT3220468.serviceLayer_services_login_10.14.40.128_lastUpdate", "1360342694165");
user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362828703989");
user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1367266064182");
user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373590424093");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359806437565");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1360185609531");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1373569638037");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359806437038");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1373693718424");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1373569640295");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.isHidden", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.toolbarBornServerTime", "3-11-2012");
user_pref("CT3220468.toolbarCurrentServerTime", "12-7-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Sat Mar 16 2013 08:31:13 GMT+0100");
user_pref("CT3220468.upgradeFromClearSBVersion", true);
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL2JhZG9vLmNvbS9jb25uZWN0aW9ucy9tZXNzYWdlLzI5NDAyNjk0NC86OjpjbGlja2hhbmRsZXI6OjoxMzYwMjY2OTY1OTQzLCwsaHR0cDovL2JhZG9vLmNvbS9
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1389895605034,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?affID=114435&tt=3812_2&babsrc=KW_ss&mntrId=0a6ffe2b0000000000000625d3bd29f7&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.newtab.url", "hxxp://www.claro-search.com/?affID=116198&tt=4 ... 25d3bd29f7");
user_pref("browser.search.defaultenginename", "uTorrentControl_v2 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
user_pref("browser.search.order.1", "Claro Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=116198&tt=4 ... 25d3bd29f7");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN14171381608701727&UM=&q=");
user_pref("smartBar.searchInNewTabOwner", "CT3220468");
user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT
user_pref("smartbar.homePageOwnerCTID", "CT3220468");
user_pref("smartbar.machineId", "PCNAO4TMV29XFJ13VS3E/BWGT9HJVAOLDS2VSU46XPJPQTFBBEZF8WSB7LUEGKB/ALRURRAR6V3EGHC00WGMHA");
user_pref("smartbar.originalHomepage", "hxxp://isearch.glarysoft.com/?src=ffhome");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.sweetim.com/search.asp?barid={148E3D2E-BF14-4A2F-BD5E-38729EC8338B}&src=2&q=");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.cda.returnValue", "none");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "false");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "ICQ Search");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.seznam.cz");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.2.callback", "");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{148E3D2E-BF14-4A2F-BD5E-38729EC8338B}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
user_pref("sweetim.toolbar.version", "1.9.0.0");

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Cenek\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 16.01.2014 at 23:50:41,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jan55 · #5 Příspěvek od **Jan55** » 16 led 2014 23:57

# AdwCleaner v3.017 - Report created 16/01/2014 at 23:53:34
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Cenek - CENEK-PC
# Running from : C:\Users\Cenek\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : ICQ Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\yourfiledownloader
Folder Deleted : C:\Users\Cenek\AppData\Local\PackageAware
Folder Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\ICQToolbarData
Folder Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\SearchquTB
Folder Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\SweetIMToolbarData
Folder Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
Folder Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\bingp.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin.src
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Windows\System32\Tasks\YourFile Update

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2
Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E932DB2-A438-4320-B775-91C9EFADF8D3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE62CDC4-F43F-4600-9AFF-79481745FBB7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32D47EA5-9473-4CAD-805D-9999F15D5AE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\prefs.js ]

Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN14171381608701727&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Flp.sweetim.com%2FSweetPacksBundleUninstaller%2F\",\"EB_MAIN_FRAME_TITLE\":\"Sweetpacks%20Uni[...]
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1389895605034,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1389434746);
Line Deleted : user_pref("icqtoolbar.history", "ulozto.cz%20mp3||ulozto.cz||ulozto||em||baf||goog||skype||badoo.com||badoo%2Ccom||e||lid||ama||li||a||lide.cz");
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1345089374");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.itbsitescount", 0);
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "22.0");
Line Deleted : user_pref("icqtoolbar.removedsitescount", 2);
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "178046470118882906211271437629654");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1389895629);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

-\\ Google Chrome v

[ File : C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [29338 octets] - [16/01/2014 23:51:56]
AdwCleaner[S0].txt - [29043 octets] - [16/01/2014 23:53:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29104 octets] ##########

#6 Příspěvek od **vyosek** » 17 led 2014 06:05

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Jan55 · #7 Příspěvek od **Jan55** » 17 led 2014 10:01

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Cenek (administrator) on CENEK-PC on 17-01-2014 09:53:10
Running from C:\Users\Cenek\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Exent Technologies Ltd.) C:\Program Files (x86)\Frag Games\GPlayer.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Google Inc.) C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cenek\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [Printsrv] - c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Exetender] - C:\Program Files (x86)\Frag Games\GPlayer.exe [2113536 2010-05-17] (Exent Technologies Ltd.)
MountPoints2: {35004d57-4b05-11df-8883-90e6ba82087d} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={search ... c=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D33CD24A-EFB8-476C-A89D-53C534D8C9E6} URL = http://isearch.glarysoft.com/?q={search ... c=iesearch
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.252

FireFox:
========
FF ProfilePath: C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @winzip.com/Winzip Courier - C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Cenek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cenek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cenek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Cenek\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Cenek\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Glarysoft Toolbar - C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} [2013-03-17]
FF Extension: MediaBar - C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2010-10-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-25]
FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2012-02-07]

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cenek\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cenek\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (WinZip Courier) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.5.0_0\wzwmcgc.dll (WinZip Computing, S.L.)
CHR Plugin: (WinZip Courier) - C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\Cenek\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Cenek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-11]
CHR Extension: (Google Search) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-03-27]
CHR Extension: (WinZip Courier) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.5.0_0 [2012-02-15]
CHR Extension: (Skype Click to Call) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0 [2013-08-04]
CHR Extension: (Google Wallet) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-17]
CHR Extension: (Gmail) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2012-11-10]
CHR HKLM-x32\...\Chrome\Extension: [ilckobikkmajlmhhdenkhonjkoaneclk] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2011-10-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2008-09-15] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2008-09-15] (Nokia)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-04-18] ()
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
R2 X5XSEx_Pr298; C:\Program Files (x86)\Frag Games\X5XSEx.Sys [55328 2010-03-10] (Exent Technologies Ltd.)
U3 af5hgf9u; C:\Windows\System32\Drivers\af5hgf9u.sys [0 ] (Microsoft Corporation)
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-17 09:53 - 2014-01-17 09:53 - 00015337 _____ C:\Users\Cenek\Downloads\FRST.txt
2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\Nepotvrzeno 473694.crdownload
2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\FRSTLauncher (1).exe
2014-01-17 09:51 - 2014-01-17 09:51 - 00029696 _____ C:\Users\Cenek\AppData\Local\MSGBOX.EXE
2014-01-17 09:51 - 2014-01-17 09:51 - 00015327 _____ C:\Users\Cenek\Desktop\LM.bat
2014-01-17 09:50 - 2014-01-17 09:50 - 02076160 _____ (Farbar) C:\Users\Cenek\Downloads\FRST64.exe
2014-01-17 09:50 - 2014-01-17 09:50 - 00000000 ____D C:\FRST
2014-01-16 23:51 - 2014-01-16 23:53 - 00000000 ____D C:\AdwCleaner
2014-01-16 23:51 - 2014-01-16 23:51 - 01236282 _____ C:\Users\Cenek\Downloads\adwcleaner.exe
2014-01-16 23:50 - 2014-01-16 23:50 - 00039784 _____ C:\Users\Cenek\Desktop\JRT.txt
2014-01-16 23:41 - 2014-01-16 23:41 - 00000000 ____D C:\Windows\ERUNT
2014-01-16 23:40 - 2014-01-16 23:40 - 01037068 _____ (Thisisu) C:\Users\Cenek\Downloads\JRT.exe
2014-01-16 22:32 - 2014-01-16 22:32 - 00000000 ____D C:\rsit
2014-01-16 22:32 - 2014-01-16 22:32 - 00000000 ____D C:\Program Files\trend micro
2014-01-16 22:31 - 2014-01-16 22:31 - 00935175 _____ C:\Users\Cenek\Downloads\RSITx64.exe
2014-01-16 19:15 - 2014-01-16 19:15 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-16 19:15 - 2014-01-16 19:15 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 19:15 - 2014-01-16 19:15 - 00000000 ____D C:\Program Files\CCleaner
2014-01-16 19:14 - 2014-01-16 19:14 - 04645232 _____ (Piriform Ltd) C:\Users\Cenek\Downloads\ccsetup409.exe
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D C:\Windows\pss
2014-01-16 19:03 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 19:03 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 19:03 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 18:35 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-16 18:35 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-16 18:35 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-16 18:35 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-16 18:35 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-16 18:35 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-16 18:35 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-16 18:35 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-16 18:35 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-16 18:35 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-16 18:35 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-16 18:35 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-16 18:35 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-16 18:35 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-16 18:35 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-16 18:35 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-16 18:35 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-16 18:35 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-16 18:35 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-16 18:34 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-16 18:34 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-16 18:34 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-16 18:34 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-16 18:34 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-16 18:34 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-16 18:34 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-16 18:34 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-16 18:34 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-16 18:34 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-16 18:34 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-16 18:34 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 07:26 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-07 07:22 - 2014-01-07 07:22 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-07 07:22 - 2014-01-07 07:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-07 07:21 - 2014-01-07 07:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-07 07:21 - 2014-01-07 07:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-07 07:21 - 2014-01-07 07:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-07 07:21 - 2014-01-07 07:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-07 07:21 - 2014-01-07 07:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-07 07:21 - 2014-01-07 07:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-07 07:19 - 2014-01-07 07:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-31 19:29 - 2014-01-01 03:32 - 280051191 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---1.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-31 10:09 - 2013-12-31 15:27 - 1679342770 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---2.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-30 22:33 - 2013-12-31 02:54 - 4124895431 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---3.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-30 19:37 - 2013-12-30 21:05 - 1542195401 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl-1-serie-17.-24.-dil-cz(avi).rar
2013-12-30 17:44 - 2013-12-30 19:09 - 1480386176 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl-1-serie-9.-16.-dil-cz(avi).rar
2013-12-29 14:09 - 2013-12-29 15:06 - 996147200 _____ C:\Users\Cenek\Downloads\Jmenuji-se-Earl-1.-série-CZ-dabing.part3.rar
2013-12-29 12:33 - 2013-12-29 12:33 - 00001987 _____ C:\Users\Cenek\Desktop\Skype.lnk

==================== One Month Modified Files and Folders =======

2014-01-17 09:53 - 2014-01-17 09:53 - 00015337 _____ C:\Users\Cenek\Downloads\FRST.txt
2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\Nepotvrzeno 473694.crdownload
2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\FRSTLauncher (1).exe
2014-01-17 09:51 - 2014-01-17 09:51 - 00029696 _____ C:\Users\Cenek\AppData\Local\MSGBOX.EXE
2014-01-17 09:51 - 2014-01-17 09:51 - 00015327 _____ C:\Users\Cenek\Desktop\LM.bat
2014-01-17 09:50 - 2014-01-17 09:50 - 02076160 _____ (Farbar) C:\Users\Cenek\Downloads\FRST64.exe
2014-01-17 09:50 - 2014-01-17 09:50 - 00000000 ____D C:\FRST
2014-01-17 09:46 - 2011-02-04 09:28 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000UA.job
2014-01-17 09:45 - 2009-10-21 09:57 - 00003004 _____ C:\Windows\System32\Tasks\ASUS Live Update
2014-01-17 09:44 - 2013-09-20 16:22 - 00000000 ____D C:\Users\Cenek\AppData\Local\HTC MediaHub
2014-01-17 09:44 - 2013-03-17 09:25 - 00000320 _____ C:\Windows\Tasks\GlaryInitialize.job
2014-01-17 09:44 - 2010-04-19 10:14 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2014-01-17 09:42 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 09:42 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 09:41 - 2009-10-21 09:13 - 01628023 _____ C:\Windows\WindowsUpdate.log
2014-01-17 09:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 09:35 - 2009-07-14 05:51 - 00102944 _____ C:\Windows\setupact.log
2014-01-17 09:35 - 2009-07-14 05:45 - 00453272 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 01:35 - 2009-10-21 09:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 01:34 - 2013-08-15 02:04 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 01:32 - 2011-02-06 11:58 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 00:47 - 2011-02-04 09:32 - 00002332 _____ C:\Users\Cenek\Desktop\Google Chrome.lnk
2014-01-16 23:53 - 2014-01-16 23:51 - 00000000 ____D C:\AdwCleaner
2014-01-16 23:53 - 2010-04-16 18:06 - 00000000 ____D C:\ProgramData\ICQ
2014-01-16 23:51 - 2014-01-16 23:51 - 01236282 _____ C:\Users\Cenek\Downloads\adwcleaner.exe
2014-01-16 23:50 - 2014-01-16 23:50 - 00039784 _____ C:\Users\Cenek\Desktop\JRT.txt
2014-01-16 23:41 - 2014-01-16 23:41 - 00000000 ____D C:\Windows\ERUNT
2014-01-16 23:40 - 2014-01-16 23:40 - 01037068 _____ (Thisisu) C:\Users\Cenek\Downloads\JRT.exe
2014-01-16 23:19 - 2012-08-08 19:29 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000UA.job
2014-01-16 22:32 - 2014-01-16 22:32 - 00000000 ____D C:\rsit
2014-01-16 22:32 - 2014-01-16 22:32 - 00000000 ____D C:\Program Files\trend micro
2014-01-16 22:31 - 2014-01-16 22:31 - 00935175 _____ C:\Users\Cenek\Downloads\RSITx64.exe
2014-01-16 22:28 - 2009-10-21 09:47 - 00111408 _____ C:\Windows\PFRO.log
2014-01-16 19:42 - 2013-12-07 10:13 - 00000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfud.bin
2014-01-16 19:42 - 2012-11-21 21:56 - 00000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfss.bin
2014-01-16 19:22 - 2010-04-16 17:59 - 00000000 ____D C:\Users\Cenek\AppData\Roaming\Skype
2014-01-16 19:15 - 2014-01-16 19:15 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-16 19:15 - 2014-01-16 19:15 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 19:15 - 2014-01-16 19:15 - 00000000 ____D C:\Program Files\CCleaner
2014-01-16 19:14 - 2014-01-16 19:14 - 04645232 _____ (Piriform Ltd) C:\Users\Cenek\Downloads\ccsetup409.exe
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D C:\Windows\pss
2014-01-16 19:11 - 2010-04-13 17:39 - 00000000 ___RD C:\Users\Cenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 18:55 - 2010-07-03 11:16 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{71151D57-CE33-4CC8-8193-F202077C75A1}
2014-01-16 18:43 - 2010-04-13 17:39 - 00000000 ___HD C:\asus.dat
2014-01-16 18:42 - 2013-06-15 07:02 - 00003106 _____ C:\Windows\System32\Tasks\P4G Sidebar
2014-01-11 10:56 - 2010-04-13 17:47 - 00001419 _____ C:\Users\Cenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-11 10:49 - 2009-08-03 21:00 - 00630824 _____ C:\Windows\system32\perfh005.dat
2014-01-11 10:49 - 2009-08-03 21:00 - 00122104 _____ C:\Windows\system32\perfc005.dat
2014-01-11 10:49 - 2009-07-14 06:13 - 01469254 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-07 07:26 - 2013-12-02 08:19 - 00155294 _____ C:\Windows\IE11_main.log
2014-01-07 07:22 - 2014-01-07 07:22 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-07 07:22 - 2014-01-07 07:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-07 07:21 - 2014-01-07 07:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-07 07:21 - 2014-01-07 07:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-07 07:21 - 2014-01-07 07:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-07 07:21 - 2014-01-07 07:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-07 07:21 - 2014-01-07 07:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-07 07:21 - 2014-01-07 07:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-07 07:21 - 2014-01-07 07:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-07 07:21 - 2014-01-07 07:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-07 07:19 - 2014-01-07 07:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-01-07 07:19 - 2014-01-07 07:19 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-01-07 07:19 - 2014-01-07 07:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-01-07 06:52 - 2012-08-08 19:29 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000Core.job
2014-01-07 06:49 - 2011-02-04 09:28 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282754562-3471533169-2828672972-1000Core.job
2014-01-04 20:51 - 2013-11-25 21:32 - 00000000 ____D C:\Users\Cenek\Desktop\werunka
2014-01-04 20:46 - 2010-04-13 17:38 - 00000000 ____D C:\Users\Cenek
2014-01-01 15:22 - 2013-07-01 15:08 - 00000000 ____D C:\Users\Cenek\Desktop\jmenuji se er
2014-01-01 03:32 - 2013-12-31 19:29 - 280051191 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---1.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-31 15:27 - 2013-12-31 10:09 - 1679342770 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---2.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-31 05:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-31 02:54 - 2013-12-30 22:33 - 4124895431 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl---3.-Řada-(100%-Kompletní-Série)-Avi-Cz.rar
2013-12-30 21:05 - 2013-12-30 19:37 - 1542195401 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl-1-serie-17.-24.-dil-cz(avi).rar
2013-12-30 19:09 - 2013-12-30 17:44 - 1480386176 _____ C:\Users\Cenek\Downloads\Jmenuju-se-Earl-1-serie-9.-16.-dil-cz(avi).rar
2013-12-29 15:06 - 2013-12-29 14:09 - 996147200 _____ C:\Users\Cenek\Downloads\Jmenuji-se-Earl-1.-série-CZ-dabing.part3.rar
2013-12-29 12:33 - 2013-12-29 12:33 - 00001987 _____ C:\Users\Cenek\Desktop\Skype.lnk

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\Users\Cenek\DSETUP.dll
C:\Users\Cenek\dsetup32.dll
C:\Users\Cenek\DXSETUP.exe

Some content of TEMP:
====================
C:\Users\Cenek\AppData\Local\Temp\AskSLib.dll
C:\Users\Cenek\AppData\Local\Temp\atl80.dll
C:\Users\Cenek\AppData\Local\Temp\mfc80.dll
C:\Users\Cenek\AppData\Local\Temp\mfc80u.dll
C:\Users\Cenek\AppData\Local\Temp\mfcm80.dll
C:\Users\Cenek\AppData\Local\Temp\mfcm80u.dll
C:\Users\Cenek\AppData\Local\Temp\msvcm80.dll
C:\Users\Cenek\AppData\Local\Temp\msvcp80.dll
C:\Users\Cenek\AppData\Local\Temp\msvcr80.dll
C:\Users\Cenek\AppData\Local\Temp\Quarantine.exe
C:\Users\Cenek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cenek\AppData\Local\Temp\TmDbg32.dll
C:\Users\Cenek\AppData\Local\Temp\TmDbg64.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-31 05:44

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 18 led 2014 02:23

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
MountPoints2: {35004d57-4b05-11df-8883-90e6ba82087d} - F:\Autorun.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D33CD24A-EFB8-476C-A89D-53C534D8C9E6} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO-x32: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF SearchPlugin: C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF Extension: Glarysoft Toolbar - C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} [2013-03-17]
FF Extension: MediaBar - C:\Users\Cenek\AppData\Roaming\Mozilla\Firefox\Profiles\8p29u3y2.default\Extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2010-10-30]
FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2012-02-07]

CHR HomePage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=051113
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (WinZip Courier) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.5.0_0\wzwmcgc.dll (WinZip Computing, S.L.)
CHR Plugin: (WinZip Courier) - C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
CHR Extension: (WinZip Courier) - C:\Users\Cenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.5.0_0 [2012-02-15]
CHR HKLM-x32\...\Chrome\Extension: [ilckobikkmajlmhhdenkhonjkoaneclk] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2011-10-21]

2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\Nepotvrzeno 473694.crdownload
2014-01-17 09:51 - 2014-01-17 09:51 - 00112640 _____ (forum.viry.cz) C:\Users\Cenek\Downloads\FRSTLauncher (1).exe
2014-01-17 09:51 - 2014-01-17 09:51 - 00029696 _____ C:\Users\Cenek\AppData\Local\MSGBOX.EXE
2014-01-17 09:51 - 2014-01-17 09:51 - 00015327 _____ C:\Users\Cenek\Desktop\LM.bat
2014-01-16 23:51 - 2014-01-16 23:51 - 01236282 _____ C:\Users\Cenek\Downloads\adwcleaner.exe
2014-01-16 23:50 - 2014-01-16 23:50 - 00039784 _____ C:\Users\Cenek\Desktop\JRT.txt
2014-01-16 23:40 - 2014-01-16 23:40 - 01037068 _____ (Thisisu) C:\Users\Cenek\Downloads\JRT.exe
2014-01-16 19:14 - 2014-01-16 19:14 - 04645232 _____ (Piriform Ltd) C:\Users\Cenek\Downloads\ccsetup409.exe
C:\ProgramData\ezsid.dat
C:\Users\Cenek\DSETUP.dll
C:\Users\Cenek\dsetup32.dll
C:\Users\Cenek\DXSETUP.exe
:\Users\Cenek\AppData\Local\Temp\AskSLib.dll
C:\Users\Cenek\AppData\Local\Temp\atl80.dll
C:\Users\Cenek\AppData\Local\Temp\mfc80.dll
C:\Users\Cenek\AppData\Local\Temp\mfc80u.dll
C:\Users\Cenek\AppData\Local\Temp\mfcm80.dll
C:\Users\Cenek\AppData\Local\Temp\mfcm80u.dll
C:\Users\Cenek\AppData\Local\Temp\msvcm80.dll
C:\Users\Cenek\AppData\Local\Temp\msvcp80.dll
C:\Users\Cenek\AppData\Local\Temp\msvcr80.dll
C:\Users\Cenek\AppData\Local\Temp\Quarantine.exe
C:\Users\Cenek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cenek\AppData\Local\Temp\TmDbg32.dll
C:\Users\Cenek\AppData\Local\Temp\TmDbg64.dll

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Cenek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer" /f

Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu