
Infected PC, 3 years without a cleanup


#1 Post by Fony »

Hi viry.cz team,
I'd like to ask your advice on whether there is anything suspicious in this log from a PC that has not been cleaned for 3 years. The free version of Avira found about 10 viruses, which it successfully moved to quarantine, but the PC is still very, very slow, and pop-up windows in the browsers appear by the dozens when they are blocked by the browser... thank you very much for your advice.
Logfile of random's system information tool 1.09 (written by random/random)
Run by milan at 2014-03-31 10:19:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 114 GB (39%) free of 290 GB
Total RAM: 3034 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:24:42 AM, on 3/31/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe
C:\ProgramData\Updater\updater.exe
C:\Program Files (x86)\iLivid\iLivid.exe
C:\windows\SysWOW64\WScript.exe
C:\windows\SysWOW64\WScript.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\milan\AppData\Local\Temp\setup{C973F5F6-E3D4-4893-A8B1-22422EBB5E47}.exe
C:\Program Files\trend micro\milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 5&tsp=5188
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {9a582ac0-ffb9-49b8-9e7d-1798b4885c63} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0051356 - {11111111-1111-1111-1111-110511131156} - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho.dll
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll
O2 - BHO: Better Experience - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\BetterExperience\IE\common.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (file missing)
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - !{3392cfec-56f8-41ee-bdb4-4e301efd2c93} - (no file)
O3 - Toolbar: (no name) - !{a899079d-206f-43a6-be6a-07e0fa648ea0} - (no file)
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (file missing)
O4 - HKLM\..\Run: [msygpdijSrv] C:\windows\inf\msygpdij.vbe
O4 - HKLM\..\Run: [msytvkvuSrv] C:\windows\inf\msytvkvu.vbe
O4 - HKLM\..\Run: [msljyihuSrv] "C:\windows\system32\msljyihu.vbe" msjfxoao mspfiqk
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKCU\..\Run: [NextLive] C:\windows\SysWOW64\rundll32.exe "C:\Users\milan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [iLivid] "C:\Program Files (x86)\iLivid\iLivid.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Bubble Dock] "C:\Users\milan\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\psupport\psupport.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Buzz-it - Unknown owner - C:\Program Files (x86)\Buzz-it-soft\Buzz-it157.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Internet Updater (InternetUpdater) - Unknown owner - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update GreyGray - Unknown owner - C:\Program Files (x86)\GreyGray\updateGreyGray.exe
O23 - Service: Update PacFunction - Unknown owner - C:\Program Files (x86)\PacFunction\updatePacFunction.exe
O23 - Service: Util GreyGray - Unknown owner - C:\Program Files (x86)\GreyGray\bin\utilGreyGray.exe
O23 - Service: Util PacFunction - Unknown owner - C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
O23 - Service: WajamUpdaterV3 - Wajam - C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10931 bytes

======Listing Processes======


======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AmiUpdXp.job
C:\windows\tasks\Buzz-it Update.job
C:\windows\tasks\Buzz-it_wd.job
C:\windows\tasks\couponsupport-S-649636217.job
C:\windows\tasks\HDvid-Codec V9.0-chromeinstaller.job
C:\windows\tasks\HDvid-Codec V9.0-codedownloader.job
C:\windows\tasks\HDvid-Codec V9.0-enabler.job
C:\windows\tasks\HDvid-Codec V9.0-firefoxinstaller.job
C:\windows\tasks\HDvid-Codec V9.0-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Web Search.xml

C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\extensions\
0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
d43e4d33-1c9f-4167-9600-b4929087f116@3cc778fb-659e-4988-abd4-592fc6b8806a.com
fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com
support@betterxperience.com
{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}
{94cd2cc3-083f-49ba-a218-4cda4b4829fd}

C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\searchplugins\
conduit-search.xml
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131156}]
HDvid-Codec V9.0 - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho64.dll [2014-03-16 964608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131156}]
HDvid-Codec V9.0 - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho.dll [2014-03-16 687104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]
Bubble Dock SurfMatch - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll [2014-01-16 39936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}]
Better Experience - C:\ProgramData\BetterExperience\IE\common.dll [2014-02-01 402944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]
Wajam - C:\Program Files (x86)\Wajam\IE\priam_bho.dll [2014-03-06 283272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-01-11 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
!{3392cfec-56f8-41ee-bdb4-4e301efd2c93}
!{a899079d-206f-43a6-be6a-07e0fa648ea0}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
!{3392cfec-56f8-41ee-bdb4-4e301efd2c93}
!{a899079d-206f-43a6-be6a-07e0fa648ea0}
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-06-05 392048]
"Persistence"=C:\windows\system32\igfxpers.exe [2000-01-01 418336]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13662936]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"=C:\ProgramData\Updater\updater.exe [2013-12-18 486264]
"NextLive"=C:\windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"iLivid"=C:\Program Files (x86)\iLivid\iLivid.exe [2014-02-12 7307776]
"Free Download Manager"=C:\Program Files (x86)\Free Download Manager\fdm.exe [2013-01-17 6864896]
"Bubble Dock"=C:\Users\milan\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe [2014-02-25 665104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget]
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2011-04-30 885760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]
C:\Users\milan\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"msygpdijSrv"=C:\windows\inf\msygpdij.vbe [2013-08-27 1558]
"msytvkvuSrv"=C:\windows\inf\msytvkvu.vbe [2013-08-27 1558]
"msljyihuSrv"=C:\windows\system32\msljyihu.vbe msjfxoao mspfiqk []
"Updater"=C:\ProgramData\Updater\Updater.exe [2013-12-18 486264]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-03-17 2539544]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2000-01-01 272384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-31 10:23:39 ----D---- C:\Program Files\trend micro
2014-03-31 10:18:52 ----D---- C:\rsit
2014-03-27 18:11:15 ----D---- C:\Program Files\McAfee Security Scan
2014-03-27 16:03:14 ----A---- C:\windows\system32\drivers\wStLib64.sys
2014-03-23 14:42:20 ----D---- C:\windows\SYSWOW64\sda
2014-03-23 14:16:14 ----SHD---- C:\Config.Msi
2014-03-23 13:39:20 ----D---- C:\ProgramData\Qualcomm Atheros
2014-03-23 13:36:35 ----D---- C:\Program Files\Intel
2014-03-23 13:14:44 ----D---- C:\ProgramData\Logitech
2014-03-23 13:13:55 ----D---- C:\ProgramData\Logishrd
2014-03-23 13:13:30 ----D---- C:\Program Files\Logitech
2014-03-23 13:11:00 ----D---- C:\Program Files\Common Files\LogiShrd
2014-03-23 13:09:18 ----D---- C:\Users\milan\AppData\Roaming\Logitech
2014-03-23 13:09:17 ----D---- C:\Users\milan\AppData\Roaming\Logishrd
2014-03-23 12:54:52 ----D---- C:\Users\milan\AppData\Roaming\Driver Magician
2014-03-23 12:54:52 ----D---- C:\Program Files (x86)\Driver Magician
2014-03-23 12:38:45 ----D---- C:\Program Files (x86)\Driver-Soft
2014-03-23 12:17:56 ----D---- C:\Program Files (x86)\Smart PC Solutions
2014-03-23 12:15:07 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-03-23 00:55:11 ----D---- C:\Program Files (x86)\MediaWatchV1
2014-03-20 21:37:08 ----D---- C:\ProgramData\BetterExperience
2014-03-20 21:12:18 ----D---- C:\Users\milan\AppData\Roaming\Uniblue
2014-03-20 21:12:18 ----D---- C:\Program Files (x86)\Uniblue
2014-03-20 20:47:08 ----D---- C:\Program Files (x86)\NOBY.UCOZ.RU
2014-03-20 20:45:16 ----D---- C:\Users\milan\AppData\Roaming\WinRAR
2014-03-20 20:44:40 ----D---- C:\Program Files\WinRAR
2014-03-20 20:14:58 ----D---- C:\Users\milan\AppData\Roaming\Avira
2014-03-20 19:59:56 ----D---- C:\Program Files (x86)\Avira
2014-03-20 19:59:55 ----D---- C:\ProgramData\Avira
2014-03-20 19:59:48 ----D---- C:\ProgramData\Package Cache
2014-03-20 19:54:04 ----D---- C:\ProgramData\Internet Helper Anti-phishing
2014-03-20 19:53:10 ----D---- C:\Program Files (x86)\SearchProtect
2014-03-20 18:44:37 ----D---- C:\Program Files (x86)\media enhance
2014-03-20 18:44:36 ----D---- C:\Users\milan\AppData\Roaming\Activeris
2014-03-20 18:44:12 ----D---- C:\Program Files\Conduit
2014-03-20 18:43:41 ----D---- C:\ProgramData\Activeris
2014-03-20 18:43:30 ----D---- C:\Program Files (x86)\Activeris AntiMalware
2014-03-20 18:43:00 ----D---- C:\temp
2014-03-20 18:42:44 ----D---- C:\Program Files\Level Quality Watcher
2014-03-20 17:54:22 ----D---- C:\Users\milan\AppData\Roaming\VOPackage
2014-03-20 17:52:40 ----D---- C:\Program Files\CCleaner
2014-03-20 17:50:48 ----D---- C:\Program Files (x86)\free ven
2014-03-18 18:23:59 ----D---- C:\Users\milan\AppData\Roaming\SimplyTech
2014-03-18 18:23:53 ----D---- C:\Program Files (x86)\HomeTab
2014-03-18 18:17:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-17 00:57:14 ----D---- C:\ProgramData\AVG Secure Search
2014-03-17 00:56:11 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-03-17 00:09:42 ----D---- C:\ProgramData\Free Download Manager
2014-03-17 00:09:37 ----D---- C:\Users\milan\AppData\Roaming\Free Download Manager
2014-03-16 19:02:26 ----D---- C:\ProgramData\McAfee Security Scan
2014-03-16 14:56:38 ----D---- C:\ProgramData\Mozilla
2014-03-16 14:56:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-16 14:56:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-16 14:54:10 ----D---- C:\Program Files (x86)\Wajam
2014-03-16 14:52:19 ----D---- C:\Program Files (x86)\Buzz-it-soft
2014-03-16 14:51:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-16 14:48:39 ----D---- C:\Program Files (x86)\Free Download Manager
2014-03-16 14:48:32 ----D---- C:\Users\milan\AppData\Roaming\viddyhd
2014-03-16 14:47:55 ----D---- C:\Users\milan\AppData\Roaming\Babylon
2014-03-16 14:47:31 ----D---- C:\Users\milan\AppData\Roaming\viddyhddownload
2014-03-16 14:47:25 ----D---- C:\Users\milan\AppData\Roaming\5325ab6de66da12774002dbd
2014-03-16 14:39:05 ----A---- C:\windows\SYSWOW64\ff_vfw.dll
2014-03-16 14:37:36 ----D---- C:\Program Files (x86)\Iminent
2014-03-16 14:37:07 ----D---- C:\Program Files (x86)\PacFunction
2014-03-16 14:35:57 ----D---- C:\Program Files (x86)\HDvid-Codec V9.0
2014-03-16 14:35:14 ----D---- C:\Program Files (x86)\hdvidcodec.com
2014-03-13 21:05:27 ----D---- C:\Program Files (x86)\iLivid
2014-03-13 19:55:05 ----D---- C:\Program Files (x86)\MediaViewV1
2014-03-11 18:34:10 ----A---- C:\windows\system32\wwansvc.dll
2014-03-11 18:34:08 ----A---- C:\windows\SYSWOW64\wer.dll
2014-03-11 18:34:08 ----A---- C:\windows\system32\wer.dll
2014-03-11 18:34:07 ----A---- C:\windows\system32\win32k.sys
2014-03-11 18:34:05 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-03-11 18:34:05 ----A---- C:\windows\system32\iertutil.dll
2014-03-11 18:34:05 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-11 18:34:04 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-03-11 18:34:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-03-11 18:34:04 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-03-11 18:34:04 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-03-11 18:34:03 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-03-11 18:34:02 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-03-11 18:34:02 ----A---- C:\windows\system32\iernonce.dll
2014-03-11 18:34:01 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-03-11 18:34:01 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-03-11 18:34:01 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-03-11 18:34:01 ----A---- C:\windows\system32\urlmon.dll
2014-03-11 18:34:01 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-11 18:34:00 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-03-11 18:34:00 ----A---- C:\windows\system32\msfeeds.dll
2014-03-11 18:33:59 ----A---- C:\windows\system32\iesetup.dll
2014-03-11 18:33:59 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-11 18:33:58 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-03-11 18:33:57 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-03-11 18:33:57 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-03-11 18:33:57 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-03-11 18:33:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-03-11 18:33:57 ----A---- C:\windows\system32\jsproxy.dll
2014-03-11 18:33:57 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-11 18:33:56 ----A---- C:\windows\system32\ieui.dll
2014-03-11 18:33:55 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-11 18:33:55 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-11 18:33:55 ----A---- C:\windows\system32\ieframe.dll
2014-03-11 18:33:54 ----A---- C:\windows\system32\wininet.dll
2014-03-11 18:33:54 ----A---- C:\windows\system32\jscript9.dll
2014-03-11 18:33:54 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-11 18:33:53 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-11 18:33:53 ----A---- C:\windows\system32\msrating.dll
2014-03-11 18:33:52 ----A---- C:\windows\system32\mshtml.dll
2014-03-11 18:32:07 ----A---- C:\windows\system32\qedit.dll
2014-03-11 18:32:06 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-03-11 18:32:06 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-03-11 18:32:06 ----A---- C:\windows\system32\WindowsCodecs.dll

======List of files/folders modified in the last 1 month======

2014-03-31 10:26:23 ----D---- C:\Users\milan\AppData\Roaming\Skype
2014-03-31 10:23:39 ----RD---- C:\Program Files
2014-03-31 10:18:43 ----D---- C:\windows\system32\config
2014-03-31 10:10:55 ----D---- C:\windows\Temp
2014-03-30 22:29:09 ----AD---- C:\windows\System32
2014-03-30 22:29:04 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-03-30 22:27:52 ----D---- C:\windows\inf
2014-03-30 22:19:41 ----D---- C:\Users\milan\AppData\Roaming\newnext.me
2014-03-30 22:17:25 ----A---- C:\windows\win.ini
2014-03-30 22:16:42 ----D---- C:\Users\milan\AppData\Roaming\SoftGrid Client
2014-03-28 05:23:27 ----SHD---- C:\System Volume Information
2014-03-28 04:03:23 ----D---- C:\windows\system32\MRT
2014-03-28 04:03:22 ----D---- C:\windows\debug
2014-03-28 04:03:20 ----A---- C:\windows\system32\MRT.exe
2014-03-28 04:03:14 ----SHD---- C:\windows\Installer
2014-03-27 18:11:15 ----RD---- C:\Program Files (x86)
2014-03-27 16:03:14 ----D---- C:\windows\system32\drivers
2014-03-27 15:28:42 ----D---- C:\windows\Tasks
2014-03-27 15:28:42 ----D---- C:\windows\system32\wfp
2014-03-27 15:28:42 ----D---- C:\windows\system32\Tasks
2014-03-27 15:28:41 ----D---- C:\Program Files (x86)\GreyGray
2014-03-27 15:28:35 ----D---- C:\windows\system32\wbem
2014-03-27 15:28:35 ----AD---- C:\Windows
2014-03-27 15:27:36 ----D---- C:\windows\winsxs
2014-03-27 15:27:36 ----D---- C:\windows\SYSWOW64\wbem
2014-03-27 15:27:36 ----D---- C:\windows\SYSWOW64\en-US
2014-03-27 15:27:36 ----D---- C:\windows\SysWOW64
2014-03-27 15:27:36 ----D---- C:\windows\system32\en-US
2014-03-27 15:27:36 ----D---- C:\windows\system32\drivers\en-US
2014-03-27 15:27:35 ----D---- C:\windows\SYSWOW64\GroupPolicy
2014-03-27 15:27:35 ----D---- C:\windows\SYSWOW64\Atheros_L1e
2014-03-27 15:27:34 ----HD---- C:\windows\system32\GroupPolicy
2014-03-27 15:27:34 ----D---- C:\windows\system32\DriverStore
2014-03-27 15:27:34 ----D---- C:\windows\system32\CodeIntegrity
2014-03-27 15:27:34 ----D---- C:\windows\system32\catroot2
2014-03-27 15:27:34 ----D---- C:\windows\schemas
2014-03-27 15:27:34 ----D---- C:\windows\Migration
2014-03-27 15:27:34 ----D---- C:\windows\Microsoft.NET
2014-03-27 15:27:17 ----D---- C:\Users\milan\AppData\Roaming\Opera
2014-03-27 15:27:15 ----D---- C:\Users\milan\AppData\Roaming\Nosibay
2014-03-27 15:27:10 ----D---- C:\Support
2014-03-27 15:27:09 ----HD---- C:\ProgramData
2014-03-27 15:27:09 ----D---- C:\ProgramData\BasicServe
2014-03-27 15:27:08 ----D---- C:\Program Files\Opera x64
2014-03-27 15:27:05 ----RD---- C:\Program Files (x86)\Skype
2014-03-27 15:27:05 ----D---- C:\Program Files\AVAST Software
2014-03-27 15:27:05 ----D---- C:\Program Files (x86)\WebexpEnhancedV1
2014-03-27 15:27:05 ----D---- C:\Program Files (x86)\VideoPlayerV3
2014-03-27 15:27:05 ----D---- C:\Program Files (x86)\Realtek
2014-03-27 15:27:05 ----D---- C:\Program Files (x86)\Opera x64
2014-03-27 15:27:04 ----D---- C:\Program Files (x86)\Nosibay
2014-03-27 15:27:04 ----D---- C:\Program Files (x86)\MyPC Backup
2014-03-27 15:27:01 ----D---- C:\Program Files (x86)\GameTap Web Player
2014-03-27 15:26:59 ----D---- C:\Program Files (x86)\FreeTime
2014-03-27 15:26:59 ----D---- C:\Program Files (x86)\Conduit
2014-03-27 15:26:59 ----D---- C:\Program Files (x86)\Common Files
2014-03-27 15:26:57 ----D---- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-27 15:26:57 ----D---- C:\Program Files (x86)\Atheros
2014-03-27 15:25:15 ----D---- C:\windows\registration
2014-03-27 15:24:46 ----D---- C:\windows\system32\catroot
2014-03-27 15:24:40 ----D---- C:\windows\PolicyDefinitions
2014-03-27 15:21:32 ----RSD---- C:\windows\assembly
2014-03-27 15:21:16 ----SD---- C:\Users\milan\AppData\Roaming\Microsoft
2014-03-27 15:20:36 ----D---- C:\ProgramData\Skype
2014-03-27 15:20:35 ----SD---- C:\ProgramData\Microsoft
2014-03-27 15:19:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 15:19:23 ----RHD---- C:\MSOCache
2014-03-27 15:09:30 ----D---- C:\windows\Logs
2014-03-23 12:25:56 ----AD---- C:\ProgramData\Temp
2014-03-22 22:10:13 ----D---- C:\Program Files (x86)\VideoLAN
2014-03-22 21:41:25 ----D---- C:\Program Files (x86)\Google
2014-03-17 01:33:03 ----D---- C:\Program Files\Internet Explorer
2014-03-17 01:33:03 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-16 19:32:18 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-03-16 19:02:23 ----D---- C:\ProgramData\McAfee
2014-03-16 14:56:57 ----D---- C:\Users\milan\AppData\Roaming\Mozilla
2014-03-13 19:55:20 ----A---- C:\extensions.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2014-03-17 50976]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-08 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 wStLib64;wStLib64; C:\windows\system32\drivers\wStLib64.sys [2014-03-27 61120]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\windows\system32\DRIVERS\Apfiltr.sys [2010-06-22 304760]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-09-26 2374656]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 10629408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2000-01-01 3707864]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 110744]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\windows\system32\DRIVERS\ewusbwwan.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-17 232480]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2013-12-08 16152]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\windows\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 InternetUpdater;Internet Updater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [2013-12-06 40448]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-07-29 230240]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Update GreyGray;Update GreyGray; C:\Program Files (x86)\GreyGray\updateGreyGray.exe [2014-03-30 348440]
R2 Update PacFunction;Update PacFunction; C:\Program Files (x86)\PacFunction\updatePacFunction.exe [2014-03-27 348448]
R2 Util GreyGray;Util GreyGray; C:\Program Files (x86)\GreyGray\bin\utilGreyGray.exe [2014-03-30 348440]
R2 Util PacFunction;Util PacFunction; C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [2014-03-27 348448]
R2 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [2014-03-17 1759768]
R2 WajamUpdaterV3;WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [2013-10-25 114176]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-02-18 36392]
S2 Buzz-it;Buzz-it; C:\Program Files (x86)\Buzz-it-soft\Buzz-it157.exe [2014-03-16 197632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16 257928]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-08-14 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2000-01-01 98208]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC, 3 years without cleaning

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then the log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then the log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

Fony
Visitor
Visitor
Posts: 27
Registered: 10 Dec 2009 19:35
Location: Ruzomberok

Re: Infected PC, 3 years without cleaning

#3 Post by Fony »

I would like to ask whether there is some other way I could generate those logs, because the first program ran for about 8 hours and nothing happened; it did not finish the process (then it stopped responding).

The second program completed the scan, but when I clicked Clean, after 12 hours of cleaning the program was only halfway through and was not moving anywhere; in the end the program stopped responding.

Please, what should I do about this?

I did manage to find one log after all, from adware s

Both logs have now succeeded:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by milan on Tue 04/01/2014 at 14:46:47.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Failed to stop: [Service] update greygray



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-848650799-579063942-758734733-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E0A987C1-8B75-42C0-A349-797A84D690B5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F003626E-B622-4953-9F07-E2ECE8335849}



~~~ Files

Successfully deleted: [File] "C:\Users\Public\Desktop\iLivid Download Manager.lnk"
Successfully deleted: [File] C:\windows\syswow64\sho1D5A.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\milan\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\milan\appdata\locallow\gamingwonderlandei"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamingwonderlandei"
Failed to delete: [Folder] "C:\Program Files (x86)\greygray"
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{1D4C0816-66BE-4EDB-A2F3-8DA836D175C1}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{1D8C9156-EC7B-4765-BB93-376AFBFAD184}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{34E52927-5A0D-4F1D-92F2-6AE26A56E1BF}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{38CAE453-3797-4A3F-A8C2-92038D5DCDA5}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{3EA891A7-7575-4930-9F9E-1B45E45D9101}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{4BA12088-D4E3-4227-AEBA-16DEFA5DB678}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{8593CC7A-B4DA-4A5A-AACE-230B6340324F}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{897ECD73-0391-45F1-9911-5B8D0FB923C0}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{8DF6A856-B6A2-4223-8970-F0068D2F75C8}
Successfully deleted: [Empty Folder] C:\Users\milan\appdata\local\{E60D5ADB-F1F2-4D40-A6CE-E93AB694FD5A}



~~~ FireFox

Emptied folder: C:\Users\milan\AppData\Roaming\mozilla\firefox\profiles\30e24fal.default\minidumps [22 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/01/2014 at 16:16:54.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.022 - Report created 31/03/2014 at 20:31:43
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : milan - MILAN-PC
# Running from : C:\Users\milan\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : InternetUpdater
Service Deleted : WajamUpdaterV3

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\BasicServe
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\GameTap Web Player
Folder Deleted : C:\ProgramData\InternetUpdater
Folder Deleted : C:\ProgramData\RHelpers
Folder Deleted : C:\ProgramData\Websteroids
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\BasicServe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\GameTap Web Player
[!] Folder Deleted : C:\Program Files (x86)\GreyGray
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\HomeTab
Folder Deleted : C:\Program Files (x86)\iLivid
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Nosibay
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files (x86)\uniblue
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files (x86)\WebexpEnhancedV1
Folder Deleted : C:\Program Files (x86)\free ven
Folder Deleted : C:\Program Files (x86)\HDvid-Codec V9.0
Folder Deleted : C:\Program Files (x86)\media enhance
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\milan\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\milan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\milan\AppData\Local\Conduit
Folder Deleted : C:\Users\milan\AppData\Local\genienext
Folder Deleted : C:\Users\milan\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\milan\AppData\Local\iLivid
Folder Deleted : C:\Users\milan\AppData\Local\Mobogenie
Folder Deleted : C:\Users\milan\AppData\Local\PackageAware
Folder Deleted : C:\Users\milan\AppData\Local\SearchProtect
Folder Deleted : C:\Users\milan\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\milan\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\milan\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\milan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\milan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\milan\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\milan\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\milan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\milan\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\milan\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\milan\AppData\Roaming\SimplyTech
Folder Deleted : C:\Users\milan\AppData\Roaming\uniblue
Folder Deleted : C:\Users\milan\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
Folder Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\milan\Documents\Mobogenie
Folder Deleted : C:\Users\milan\Documents\Optimizer Pro
Folder Deleted : C:\Users\milan\Documents\Smart Driver Updater
Folder Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\ValueApps
Folder Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\Extensions\{94CD2CC3-083F-49BA-A218-4CDA4B4829FD}
Folder Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\Extensions\d43e4d33-1c9f-4167-9600-b4929087f116@3cc778fb-659e-4988-abd4-592fc6b8806a.com
Folder Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\Extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com
Folder Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
Folder Deleted : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Folder Deleted : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjghiofiijcepdnocbgefbdlbckjfheg
Folder Deleted : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh
Folder Deleted : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\milan\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\milan\Desktop\iLivid.lnk
File Deleted : C:\Users\milan\Desktop\MyPC Backup.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\searchplugins\Web Search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
File Deleted : C:\windows\Tasks\HDvid-Codec V9.0-chromeinstaller.job
File Deleted : C:\windows\System32\Tasks\HDvid-Codec V9.0-chromeinstaller
File Deleted : C:\windows\Tasks\HDvid-Codec V9.0-codedownloader.job
File Deleted : C:\windows\System32\Tasks\HDvid-Codec V9.0-codedownloader
File Deleted : C:\windows\Tasks\HDvid-Codec V9.0-enabler.job
File Deleted : C:\windows\System32\Tasks\HDvid-Codec V9.0-enabler
File Deleted : C:\windows\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
File Deleted : C:\windows\System32\Tasks\HDvid-Codec V9.0-firefoxinstaller
File Deleted : C:\windows\Tasks\HDvid-Codec V9.0-updater.job
File Deleted : C:\windows\System32\Tasks\HDvid-Codec V9.0-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [bubbledock@nosibay.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Bubble Dock]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Updater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_963508d2
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051356.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051356.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051356.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051356.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3167377
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\HDvid-Codec V9.0
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\HDvid-Codec V9.0
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HDvid-Codec V9.0
Key Deleted : HKLM64\SOFTWARE\DataMngr
Key Deleted : HKLM64\SOFTWARE\installedbrowserextensions
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


Re: infected PC, 3 years without a cleanup

#4 Post by vyosek »

Great, let's move on :James008: Every log is a matter of a few minutes at most, you know :?:

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart, and give you a log; paste its contents here

Re: infected PC, 3 years without a cleanup

#5 Post by Fony »

done now, after an hour
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by milan on Tue 04/01/2014 at 17:59:34.56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\milan\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4/1/2014 6:05:14 PM Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha4326.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta918.net deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update GreyGray deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update PacFunction deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update PacFunction deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\prefs.js:

Added to C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{BECCA440-C137-43CD-BA7B-AE580F9F6D17} deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\BetterExperience deleted
C:\Users\milan\daemonprocess.txt deleted
C:\Users\milan\.android deleted
C:\PROGRA~2\ShoppingChip deleted
C:\PROGRA~2\MediaViewV1 deleted
C:\PROGRA~2\Free Download Manager deleted
C:\PROGRA~2\Retrogamer_4wEI deleted
C:\PROGRA~2\PSupport deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\Users\milan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\PROGRA~3\ShoppingChip deleted
C:\PROGRA~3\Updater deleted
C:\PROGRA~3\Free Download Manager deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\milan\AppData\Local\cache deleted
C:\Users\wangjihua\AppData\Local\Mobogenie deleted
C:\Users\milan\Downloads\SoftonicDownloader_for_opera-64-bit.exe deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\tasks\couponsupport-S-649636217 deleted
C:\windows\tasks\couponsupport-S-649636217.job deleted
C:\Users\wangjihua deleted
C:\Users\milan\Desktop\iLividSetup-r420-n-bo.exe deleted
"C:\windows\Installer\d50d4.msi" deleted
"C:\ProgramData\25203f35215f292b_c" deleted
"C:\Users\milan\AppData\Roaming\5325ab6de66da12774002dbd\5325ab6de66da12774002dbd.exe" deleted
"C:\PROGRA~3\4d09ce8d5400296d\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}" deleted
"C:\PROGRA~3\4d09ce8d5400296d\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}.old" deleted
"C:\Users\milan\AppData\Roaming\viddyhd\rr.exe" deleted
"C:\PROGRA~2\GreyGray\updateGreyGray.exe" deleted
"C:\Support\couponsupport.exe" deleted
"C:\PROGRA~2\PacFunction\updatePacFunction.exe" deleted
"C:\PROGRA~2\GreyGray\bin\utilGreyGray.exe" deleted
"C:\PROGRA~2\PacFunction\bin\FilterApp_C64.exe" deleted
"C:\PROGRA~2\PacFunction\bin\utilPacFunction.exe" deleted
"C:\Users\milan\AppData\Roaming\5325ab6de66da12774002dbd" deleted
"C:\PROGRA~3\4d09ce8d5400296d" deleted
"C:\Users\milan\AppData\Roaming\Roxio" deleted
"C:\Users\milan\AppData\Roaming\viddyhd" deleted
"C:\PROGRA~2\GreyGray" not deleted
"C:\Support" not deleted
"C:\PROGRA~2\PacFunction" not deleted
"C:\PROGRA~2\GreyGray\bin" not deleted
"C:\PROGRA~2\PacFunction\bin" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ext@MediaViewV1alpha8613.net"="C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8613\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default
- Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Better Experience - %ProfilePath%\extensions\support@betterxperience.com
- HomeTab - %ProfilePath%\extensions\{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default
95812430959AE88CDD0301AB3A71913B - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +


==== Deleted Firefox Extensions ======================

C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\extensions\{1d33de57-fc7b-4526-97dc-e6bdbdcbf862} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
clkgcnhgnfgkghlakkohdfbimpebepeo - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta918\ch\VideoPlayerV3beta918.crx[]
ecllemdgipfcapciikffofcfdoljildj - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4326\ch\WebexpEnhancedV1alpha4326.crx[]
epjbmkilkccdkjlpkbddlceibjadjnnk - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8613\ch\MediaViewV1alpha8613.crx[]
kbjlipmgfoamgjaogmbihaffnpkpjajp - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/09/2013 11:59 AM]

Media Watch - milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckbpfhmffbbmllibiibkpjgleabgfali
Media View - milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjbmkilkccdkjlpkbddlceibjadjnnk

==== Chrome Fix ======================

C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjbmkilkccdkjlpkbddlceibjadjnnk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-848650799-579063942-758734733-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha8613.net deleted successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\clkgcnhgnfgkghlakkohdfbimpebepeo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ecllemdgipfcapciikffofcfdoljildj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epjbmkilkccdkjlpkbddlceibjadjnnk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-649636217 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bubble Dock deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HFLUVI5 will be deleted at reboot
C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQ2UKYF will be deleted at reboot
C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN4I3IWI will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\milan\AppData\Local\Mozilla\Firefox\Profiles\30e24fal.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=282 folders=106 43697372 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\milan\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\milan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\GreyGray" not found
"C:\Support" not found
"C:\PROGRA~2\PacFunction" not found
"C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HFLUVI5" not found
"C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQ2UKYF" not found
"C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN4I3IWI" not found

==== EOF on Tue 04/01/2014 at 19:11:01.38 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC, 3 years without cleanup

#6 Post by vyosek »

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily infested, it may take longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed walkthrough incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

Fony
Visitor
Posts: 27
Registered: 10 Dec 2009 19:35
Location: Ruzomberok

Re: Infected PC, 3 years without cleanup

#7 Post by Fony »

ComboFix 14-03-24.01 - milan 04/01/2014 19:56:34.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3034.1591 [GMT 1:00]
Running from: c:\users\milan\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\inf\ntvdm.vbe
.
.
((((((((((((((((((((((((( Files Created from 2014-03-01 to 2014-04-01 )))))))))))))))))))))))))))))))
.
.
2014-04-01 19:02 . 2014-04-01 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-01 18:08 . 2014-04-01 16:58 24064 ----a-w- c:\windows\zoek-delete.exe
2014-04-01 18:08 . 2014-04-01 19:02 -------- d-----w- c:\users\milan\AppData\Local\Temp
2014-04-01 16:58 . 2014-04-01 17:59 -------- d-----w- C:\zoek_backup
2014-04-01 14:55 . 2014-02-25 17:46 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2DA1CA7A-CEAA-44E1-820C-D802DB75120A}\gapaengine.dll
2014-04-01 14:52 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4A268A9-963F-4312-BFC2-1D4ECFFB0993}\mpengine.dll
2014-03-31 15:05 . 2014-04-01 14:22 -------- d-----w- C:\AdwCleaner
2014-03-31 11:08 . 2014-03-31 11:08 -------- d-----w- c:\windows\ERUNT
2014-03-31 09:23 . 2014-03-31 09:24 -------- d-----w- c:\program files\trend micro
2014-03-31 09:18 . 2014-03-31 09:46 -------- d-----w- C:\rsit
2014-03-30 02:56 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-27 17:11 . 2014-03-27 17:11 -------- d-----w- c:\program files\McAfee Security Scan
2014-03-27 15:03 . 2014-03-27 15:03 61120 ----a-w- c:\windows\system32\drivers\wStLib64.sys
2014-03-23 13:42 . 2014-03-27 14:25 -------- d-----w- c:\windows\SysWow64\sda
2014-03-23 13:04 . 2014-03-23 13:04 -------- d-----w- c:\users\milan\AppData\Local\Skype
2014-03-23 12:39 . 2014-03-23 12:39 -------- d-----w- c:\programdata\Qualcomm Atheros
2014-03-23 12:36 . 2014-03-23 12:36 -------- d-----w- c:\program files\Intel
2014-03-23 12:31 . 2014-03-23 12:31 -------- d-----w- c:\users\milan\AppData\Local\Logishrd
2014-03-23 12:14 . 2014-03-23 12:27 -------- d-----w- c:\programdata\Logitech
2014-03-23 12:13 . 2014-03-23 12:28 -------- d-----w- c:\programdata\Logishrd
2014-03-23 12:13 . 2014-03-23 12:13 -------- d-----w- c:\program files\Logitech
2014-03-23 12:11 . 2014-03-23 12:31 -------- d-----w- c:\program files\Common Files\LogiShrd
2014-03-23 12:09 . 2014-03-23 12:23 -------- d-----w- c:\users\milan\AppData\Roaming\Logitech
2014-03-23 12:09 . 2014-03-23 12:11 -------- d-----w- c:\users\milan\AppData\Roaming\Logishrd
2014-03-23 11:54 . 2014-03-27 14:26 -------- d-----w- c:\program files (x86)\Driver Magician
2014-03-23 11:54 . 2014-03-23 11:55 -------- d-----w- c:\users\milan\AppData\Roaming\Driver Magician
2014-03-23 11:17 . 2014-03-23 11:38 -------- d-----w- c:\program files (x86)\Smart PC Solutions
2014-03-23 11:15 . 2014-03-23 12:50 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-03-22 23:55 . 2014-03-22 23:55 -------- d-----w- c:\program files (x86)\MediaWatchV1
2014-03-20 19:47 . 2014-03-20 19:47 -------- d-----w- c:\program files (x86)\NOBY.UCOZ.RU
2014-03-20 19:44 . 2014-03-27 14:26 -------- d-----w- c:\program files\WinRAR
2014-03-20 19:14 . 2014-03-20 19:14 -------- d-----w- c:\users\milan\AppData\Roaming\Avira
2014-03-20 18:59 . 2014-03-20 19:06 -------- d-----w- c:\program files (x86)\Avira
2014-03-20 18:59 . 2014-03-20 19:06 -------- d-----w- c:\programdata\Avira
2014-03-20 18:54 . 2014-03-27 14:26 -------- d-----w- c:\users\milan\AppData\Local\StormAlerts
2014-03-20 18:54 . 2014-03-20 18:54 -------- d-----w- c:\users\milan\AppData\Local\antiphishing-internethelper
2014-03-20 18:54 . 2014-03-27 14:26 -------- d-----w- c:\programdata\Internet Helper Anti-phishing
2014-03-20 17:44 . 2014-03-20 17:44 -------- d-----w- c:\users\milan\AppData\Roaming\Activeris
2014-03-20 17:43 . 2014-03-20 17:44 -------- d-----w- c:\programdata\Activeris
2014-03-20 17:43 . 2014-03-27 14:26 -------- d-----w- c:\program files (x86)\Activeris AntiMalware
2014-03-20 17:43 . 2014-03-20 17:43 -------- d-----w- C:\temp
2014-03-20 16:52 . 2014-03-27 14:26 -------- d-----w- c:\program files\CCleaner
2014-03-18 17:17 . 2014-03-28 03:01 -------- d-----w- c:\program files\Microsoft Silverlight
2014-03-16 23:09 . 2014-03-20 18:04 -------- d-----w- c:\users\milan\AppData\Roaming\Free Download Manager
2014-03-16 18:08 . 2014-03-16 18:08 -------- d-----w- c:\users\milan\AppData\Local\Macromedia
2014-03-16 18:02 . 2014-03-27 14:27 -------- d-----w- c:\programdata\McAfee Security Scan
2014-03-16 13:56 . 2014-03-16 13:56 -------- d-----w- c:\users\milan\AppData\Local\Mozilla
2014-03-16 13:56 . 2014-03-27 14:27 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-03-16 13:52 . 2014-03-27 14:26 -------- d-----w- c:\program files (x86)\Buzz-it-soft
2014-03-16 13:51 . 2014-03-28 03:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-03-16 13:47 . 2014-03-16 13:47 -------- d-----w- c:\users\milan\AppData\Roaming\viddyhddownload
2014-03-16 13:39 . 2012-04-09 00:40 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-03-16 13:38 . 2014-03-27 17:08 -------- d-----w- c:\users\milan\AppData\Local\GCC
2014-03-11 17:33 . 2014-03-01 04:52 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-11 17:32 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-11 17:32 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-11 17:32 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-11 17:32 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-28 03:03 . 2012-06-02 16:11 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-16 23:55 . 2013-12-19 20:31 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-03-16 18:32 . 2013-12-08 19:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-16 18:32 . 2013-12-08 19:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-25 17:46 . 2014-02-25 17:49 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-25 16:15 . 2014-02-25 16:15 82432 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-02-25 16:15 . 2014-02-25 16:15 44544 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-02-25 16:15 . 2014-02-25 16:15 1275392 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2012-03-14 00:17 . 2013-12-08 21:10 161736 ----a-w- c:\program files (x86)\gtres.dll
2012-03-14 00:17 . 2013-12-08 21:10 689552 ----a-w- c:\program files (x86)\gtUninstall GamingWonderland.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"msygpdijSrv"="c:\windows\inf\msygpdij.vbe" [2013-08-27 1558]
"msytvkvuSrv"="c:\windows\inf\msytvkvu.vbe" [2013-08-27 1558]
"msljyihuSrv"="c:\windows\system32\msljyihu.vbe" [2013-12-10 583]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"GamingWonderland Search Scope Monitor"="c:\progra~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
"GamingWonderland Browser Plugin Loader"=c:\progra~2\GAMING~2\bar\1.bin\gtbrmon.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 wStLib64;wStLib64;c:\windows\system32\drivers\wStLib64.sys;c:\windows\SYSNATIVE\drivers\wStLib64.sys [x]
S2 Buzz-it;Buzz-it;c:\program files (x86)\Buzz-it-soft\Buzz-it157.exe;c:\program files (x86)\Buzz-it-soft\Buzz-it157.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-08 18:32]
.
2014-04-01 c:\windows\Tasks\Buzz-it Update.job
- c:\program files (x86)\Buzz-it-soft\Buzzi.exe [2014-03-16 13:52]
.
2014-04-01 c:\windows\Tasks\Buzz-it_wd.job
- c:\program files (x86)\Buzz-it-soft\Buzz-it_wd.exe [2014-03-16 13:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]
"Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 418336]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13662936]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = http=127.0.0.1:13828
IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
HKLM-Run-Printsrv - c:\windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
AddRemove-BetterExperience - c:\programdata\BetterExperience\uninstall.exe
AddRemove-FileParade Bundle - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-GigaClicks Crawler - c:\users\milan\AppData\Local\GCC\uninstall.exe
AddRemove-MediaViewV1alpha8613 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha8613\uninstall.exe
AddRemove-ViddyHD - c:\program files (x86)\Free Download Manager\uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4326\uninstall.exe
AddRemove-{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B} - c:\programdata\Updater\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-01 20:05:24
ComboFix-quarantined-files.txt 2014-04-01 19:05
.
Pre-Run: 120,827,629,568 bytes free
Post-Run: 120,250,617,856 bytes free
.
- - End Of File - - 9A153D094DDEF0F557B128A04CFA1953
A36C5E4F47E84449FF07ED3517B43A31
Last edited by vyosek on 01 Apr 2014 20:14, edited 1 time in total.
Reason: log removed from quote

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: infected PC, 3 years without cleaning

#8 Post by vyosek »

:arrow: Uninstall McAfee Security Scan

:arrow: If you have not done so already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Collect::
    c:\windows\inf\msygpdij.vbe
    c:\windows\inf\msytvkvu.vbe
    c:\windows\system32\msljyihu.vbe
    
    File::
    c:\windows\zoek-delete.exe
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    c:\windows\Tasks\Adobe Flash Player Updater.job
    c:\windows\Tasks\Buzz-it Update.job
    c:\windows\Tasks\Buzz-it_wd.job
    
    Folder::
    c:\program files (x86)\Buzz-it-soft
    C:\zoek_backup
    c:\program files\McAfee Security Scan
    c:\program files (x86)\MediaWatchV1
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "msygpdijSrv"=-
    "msytvkvuSrv"=-
    "msljyihuSrv"=-
    [-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    
    DDS::
    uInternet Settings,ProxyServer = http=127.0.0.1:13828
    
    Firefox::
    FF - ProfilePath - c:\users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    [image]
  • After the script has been applied (and any restart), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC and the registry will sort itself out; this is an internal error caused by CF, which its author unfortunately cannot fix yet

:arrow: It can happen that Windows will not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
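As an added example (not part of the thread and not ComboFix's own code), the following Python code parses the `Name::` directives of the CFScript in the post above and checks which `Collect::`, `File::` and `Folder::` targets a ComboFix log reports under "Other Deletions". The embedded script and log are shortened excerpts copied from this thread; the function names are hypothetical.

```python
import re

# Excerpt of the CFScript posted above (copied from this thread, shortened).
CFSCRIPT = r"""
KillAll::

Collect::
c:\windows\inf\msygpdij.vbe
c:\windows\inf\msytvkvu.vbe
c:\windows\system32\msljyihu.vbe

File::
c:\windows\zoek-delete.exe
c:\windows\Tasks\Buzz-it Update.job
c:\windows\Tasks\Buzz-it_wd.job

Folder::
c:\program files (x86)\Buzz-it-soft
C:\zoek_backup
c:\program files\McAfee Security Scan
c:\program files (x86)\MediaWatchV1

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-

Reboot::
"""

# Excerpt of the ComboFix log from this thread (shortened, same line format).
LOG = r"""
FILE ::
"c:\windows\Tasks\Buzz-it Update.job"
"c:\windows\Tasks\Buzz-it_wd.job"
"c:\windows\zoek-delete.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\Buzz-it-soft
c:\program files (x86)\Buzz-it-soft\Buzzi.exe
c:\program files (x86)\MediaWatchV1
c:\windows\inf\msygpdij.vbe
c:\windows\inf\msytvkvu.vbe
c:\windows\Tasks\Buzz-it Update.job
c:\windows\Tasks\Buzz-it_wd.job
c:\windows\zoek-delete.exe
C:\zoek_backup
c:\zoek_backup\C_Support\couponsupport.exe
.
"""

DIRECTIVE_RE = re.compile(r"^([A-Za-z]+)::\s*$")


def parse_cfscript(text):
    """Return {directive: [body lines]}; a directive with no body maps to []."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = DIRECTIVE_RE.match(line)
        if match:
            current = match.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def norm(path):
    """Windows paths are case-insensitive; drop quotes and trailing backslash."""
    return path.strip().strip('"').rstrip("\\").lower()


def parse_deletions(log):
    """Collect the paths listed under the 'Other Deletions' banner."""
    deleted, in_section = set(), False
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("((("):  # every banner starts or ends a section
            in_section = "Other Deletions" in line
            continue
        if in_section and re.match(r"^[A-Za-z]:\\", line):
            deleted.add(norm(line))
    return deleted


def audit(script_text, log_text):
    """Map each Collect/File/Folder target to True if the log lists it as deleted."""
    sections = parse_cfscript(script_text)
    deleted = parse_deletions(log_text)
    report = {}
    for directive in ("Collect", "File", "Folder"):
        for target in sections.get(directive, []):
            report[target] = norm(target) in deleted
    return report


def unconfirmed(script_text, log_text):
    """Targets the script named that the log does not report as deleted."""
    return [t for t, ok in audit(script_text, log_text).items() if not ok]


if __name__ == "__main__":
    for target, confirmed in audit(CFSCRIPT, LOG).items():
        print(("deleted      " if confirmed else "NOT IN LOG   ") + target)
```

A target missing from the deletion list is worth a follow-up look: the log alone does not say whether it was absent from disk or survived the run.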

Fony
Visitor
Posts: 27
Registered: 10 Dec 2009 19:35
Location: Ruzomberok

Re: infected PC, 3 years without cleaning

#9 Post by Fony »

ComboFix 14-03-24.01 - milan 04/01/2014 20:36:22.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3034.1743 [GMT 1:00]
Running from: c:\users\milan\Desktop\ComboFix.exe
Command switches used :: c:\users\milan\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\Buzz-it Update.job"
"c:\windows\Tasks\Buzz-it_wd.job"
"c:\windows\zoek-delete.exe"
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Buzz-it-soft
c:\program files (x86)\Buzz-it-soft\Buzz-it_wd.exe
c:\program files (x86)\Buzz-it-soft\Buzz-it157.exe
c:\program files (x86)\Buzz-it-soft\Buzz-it157.ini
c:\program files (x86)\Buzz-it-soft\Buzzi.exe
c:\program files (x86)\Buzz-it-soft\Sqlite3.dll
c:\program files (x86)\Buzz-it-soft\Uninstall.exe
c:\program files (x86)\MediaWatchV1
c:\program files (x86)\MediaWatchV1\MediaWatchV1home206\ch\MediaWatchV1home206.crx
c:\program files (x86)\MediaWatchV1\MediaWatchV1home206\ff\chrome\content\icons\default\MediaWatchV1home206_32.png
c:\program files (x86)\MediaWatchV1\MediaWatchV1home206\ff\chrome\content\icons\Thumbs.db
c:\program files (x86)\MediaWatchV1\MediaWatchV1home206\ff\chrome\content\overlay.xul
c:\program files (x86)\MediaWatchV1\MediaWatchV1home206\ff\install.rdf
c:\windows\inf\msygpdij.vbe
c:\windows\inf\msytvkvu.vbe
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Buzz-it Update.job
c:\windows\Tasks\Buzz-it_wd.job
c:\windows\zoek-delete.exe
C:\zoek_backup
c:\zoek_backup\C_extensions.ini.vir
c:\zoek_backup\C_extensions.sqlite.vir
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Codecs\Deflate.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Formats\arj.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Formats\zip.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\unrar.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\detoured.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\etasks.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm.tlb
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmumsp.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmwi.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome.manifest
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\flvsniff.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\iefdm2.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\iefdmdm.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\MediaConverter.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\msdl.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\npfdm.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\choosefolder.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\creategroup.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\dropbox.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\login.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\settime.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\skin.ini
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tosel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tounsel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_down.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_err.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_starting.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\unins000.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\uninstall.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Updater.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\vistafx.dll
c:\zoek_backup\C_PROGRA~2_GreyGray\bin\utilGreyGray.exe
c:\zoek_backup\C_PROGRA~2_GreyGray\updateGreyGray.exe
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ch\MediaViewV1alpha8613.crx
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\chrome.manifest
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\chrome\content\ffMediaViewV1alpha8613.js
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\chrome\content\icons\default\MediaViewV1alpha8613_32.png
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\chrome\content\icons\Thumbs.db
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\chrome\content\overlay.xul
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\ff\install.rdf
c:\zoek_backup\C_PROGRA~2_MediaViewV1\MediaViewV1alpha8613\uninstall.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\7za.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\7za.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\BrowserAdapterS.7z
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\FilterApp_C64.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\plugins\PacFunction.Bromon.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\plugins\PacFunction.BrowserAdapterS.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\plugins\PacFunction.CompatibilityChecker.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\plugins\PacFunction.PurBrowse.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\utilPacFunction.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\XTLS.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\XTLSApp.dll
c:\zoek_backup\C_PROGRA~2_PacFunction\bin\XTLSApp.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\PacFunction.ico
c:\zoek_backup\C_PROGRA~2_PacFunction\PacFunctionUninstall.exe
c:\zoek_backup\C_PROGRA~2_PacFunction\updatePacFunction.exe
c:\zoek_backup\C_PROGRA~2_PSupport\psupport.dll
c:\zoek_backup\C_PROGRA~2_PSupport\uninstall.exe
c:\zoek_backup\C_PROGRA~3_4d09ce8d5400296d\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}
c:\zoek_backup\C_PROGRA~3_4d09ce8d5400296d\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}.old
c:\zoek_backup\C_PROGRA~3_BetterExperience\app.dat
c:\zoek_backup\C_PROGRA~3_BetterExperience\BetterExperience.ico
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\common.crx
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\announce.js
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\background.html
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\common.js
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\contentscript.js
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\icon.png
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\icon128.png
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\icon16.png
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\icon48.png
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\iframecontentscript.js
c:\zoek_backup\C_PROGRA~3_BetterExperience\Chrome\unzip\manifest.json
c:\zoek_backup\C_PROGRA~3_BetterExperience\Firefox\chrome.manifest
c:\zoek_backup\C_PROGRA~3_BetterExperience\Firefox\chrome\content\main.js
c:\zoek_backup\C_PROGRA~3_BetterExperience\Firefox\chrome\content\overlay.xul
c:\zoek_backup\C_PROGRA~3_BetterExperience\Firefox\install.rdf
c:\zoek_backup\C_PROGRA~3_BetterExperience\IE\common.dll
c:\zoek_backup\C_PROGRA~3_BetterExperience\Uninstall.exe
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\install.rdf
c:\zoek_backup\C_PROGRA~3_Package Cache\{2c57b372-d843-4ffd-b8f1-30eda9c32f9a}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{5A8ED9B7-86CF-4DDB-994C-2DDC7C1BB48E}v1.0.5186.22941\BundledProducts.xml
c:\zoek_backup\C_PROGRA~3_Package Cache\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}v10.0.13\media1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{e48a2f61-851a-4155-82f9-af1b04db8c3b}\state.rsm
c:\zoek_backup\C_PROGRA~3_Updater\Uninstall.exe
c:\zoek_backup\C_PROGRA~3_Updater\updater.exe
c:\zoek_backup\C_ProgramData_25203f35215f292b_c.vir
c:\zoek_backup\C_Support\649636217.ini
c:\zoek_backup\C_Support\couponsupport.exe
c:\zoek_backup\C_Users_milan_.android\adbkey
c:\zoek_backup\C_Users_milan_.android\adbkey.pub
c:\zoek_backup\C_Users_milan_AppData_Local_Google_Chrome_User Data_Default_Extensions_epjbmkilkccdkjlpkbddlceibjadjnnk\1.1_0\images\MediaViewV1alpha8613_128.png
c:\zoek_backup\C_Users_milan_AppData_Local_Google_Chrome_User Data_Default_Extensions_epjbmkilkccdkjlpkbddlceibjadjnnk\1.1_0\images\MediaViewV1alpha8613_16.png
c:\zoek_backup\C_Users_milan_AppData_Local_Google_Chrome_User Data_Default_Extensions_epjbmkilkccdkjlpkbddlceibjadjnnk\1.1_0\images\MediaViewV1alpha8613_48.png
c:\zoek_backup\C_Users_milan_AppData_Local_Google_Chrome_User Data_Default_Extensions_epjbmkilkccdkjlpkbddlceibjadjnnk\1.1_0\images\MediaViewV1alpha8613_64.png
c:\zoek_backup\C_Users_milan_AppData_Local_Google_Chrome_User Data_Default_Extensions_epjbmkilkccdkjlpkbddlceibjadjnnk\1.1_0\manifest.json
c:\zoek_backup\C_Users_milan_AppData_Roaming_5325ab6de66da12774002dbd\5325ab6de66da12774002dbd.exe
c:\zoek_backup\C_Users_milan_AppData_Roaming_Microsoft_Internet Explorer_Quick Launch_iLivid.lnk.vir
c:\zoek_backup\C_Users_milan_AppData_Roaming_Mozilla_Firefox_Profiles_30e24fal.default_extensions_{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}\chrome\HomeTab_18145.jar
c:\zoek_backup\C_Users_milan_AppData_Roaming_Mozilla_Firefox_Profiles_30e24fal.default_extensions_{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}\HomeTab_18145.sqlite
c:\zoek_backup\C_Users_milan_AppData_Roaming_Mozilla_Firefox_Profiles_30e24fal.default_extensions_{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}\install.rdf
c:\zoek_backup\C_Users_milan_AppData_Roaming_Mozilla_Firefox_Profiles_30e24fal.default_extensions_{1d33de57-fc7b-4526-97dc-e6bdbdcbf862}\pop.htm
c:\zoek_backup\C_Users_milan_AppData_Roaming_viddyhd\rr.exe
c:\zoek_backup\C_Users_milan_daemonprocess.txt.vir
c:\zoek_backup\C_Users_milan_Desktop_iLividSetup-r420-n-bo.exe.vir
c:\zoek_backup\C_Users_milan_Downloads_SoftonicDownloader_for_opera-64-bit.exe.vir
c:\zoek_backup\C_windows_Installer_d50d4.msi.vir
c:\zoek_backup\C_windows_SysNative_tasks_couponsupport-S-649636217.vir
c:\zoek_backup\restore.txt
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Buzz-it
-------\Service_Buzz-it
.
.
((((((((((((((((((((((((( Files Created from 2014-03-01 to 2014-04-01 )))))))))))))))))))))))))))))))
.
.
2014-04-01 20:36 . 2014-04-01 20:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-01 18:08 . 2014-04-01 20:39 -------- d-----w- c:\users\milan\AppData\Local\Temp
2014-04-01 14:55 . 2014-02-25 17:46 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2DA1CA7A-CEAA-44E1-820C-D802DB75120A}\gapaengine.dll
2014-04-01 14:52 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4A268A9-963F-4312-BFC2-1D4ECFFB0993}\mpengine.dll
2014-03-31 15:05 . 2014-04-01 14:22 -------- d-----w- C:\AdwCleaner
2014-03-31 11:08 . 2014-03-31 11:08 -------- d-----w- c:\windows\ERUNT
2014-03-31 09:23 . 2014-03-31 09:24 -------- d-----w- c:\program files\trend micro
2014-03-31 09:18 . 2014-03-31 09:46 -------- d-----w- C:\rsit
2014-03-30 02:56 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-27 15:03 . 2014-03-27 15:03 61120 ----a-w- c:\windows\system32\drivers\wStLib64.sys
2014-03-23 13:42 . 2014-03-27 14:25 -------- d-----w- c:\windows\SysWow64\sda
2014-03-23 13:04 . 2014-03-23 13:04 -------- d-----w- c:\users\milan\AppData\Local\Skype
2014-03-23 12:39 . 2014-03-23 12:39 -------- d-----w- c:\programdata\Qualcomm Atheros
2014-03-23 12:36 . 2014-03-23 12:36 -------- d-----w- c:\program files\Intel
2014-03-23 12:31 . 2014-03-23 12:31 -------- d-----w- c:\users\milan\AppData\Local\Logishrd
2014-03-23 12:14 . 2014-03-23 12:27 -------- d-----w- c:\programdata\Logitech
2014-03-23 12:13 . 2014-03-23 12:28 -------- d-----w- c:\programdata\Logishrd
2014-03-23 12:13 . 2014-03-23 12:13 -------- d-----w- c:\program files\Logitech
2014-03-23 12:11 . 2014-03-23 12:31 -------- d-----w- c:\program files\Common Files\LogiShrd
2014-03-23 12:09 . 2014-03-23 12:23 -------- d-----w- c:\users\milan\AppData\Roaming\Logitech
2014-03-23 12:09 . 2014-03-23 12:11 -------- d-----w- c:\users\milan\AppData\Roaming\Logishrd
2014-03-23 11:54 . 2014-03-27 14:26 -------- d-----w- c:\program files (x86)\Driver Magician
2014-03-23 11:54 . 2014-03-23 11:55 -------- d-----w- c:\users\milan\AppData\Roaming\Driver Magician
2014-03-23 11:17 . 2014-03-23 11:38 -------- d-----w- c:\program files (x86)\Smart PC Solutions
2014-03-23 11:15 . 2014-03-23 12:50 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-03-20 19:47 . 2014-03-20 19:47 -------- d-----w- c:\program files (x86)\NOBY.UCOZ.RU
2014-03-20 19:44 . 2014-03-27 14:26 -------- d-----w- c:\program files\WinRAR
2014-03-20 19:14 . 2014-03-20 19:14 -------- d-----w- c:\users\milan\AppData\Roaming\Avira
2014-03-20 18:59 . 2014-03-20 19:06 -------- d-----w- c:\program files (x86)\Avira
2014-03-20 18:59 . 2014-03-20 19:06 -------- d-----w- c:\programdata\Avira
2014-03-20 18:54 . 2014-03-27 14:26 -------- d-----w- c:\users\milan\AppData\Local\StormAlerts
2014-03-20 18:54 . 2014-03-20 18:54 -------- d-----w- c:\users\milan\AppData\Local\antiphishing-internethelper
2014-03-20 18:54 . 2014-03-27 14:26 -------- d-----w- c:\programdata\Internet Helper Anti-phishing
2014-03-20 17:44 . 2014-03-20 17:44 -------- d-----w- c:\users\milan\AppData\Roaming\Activeris
2014-03-20 17:43 . 2014-03-20 17:44 -------- d-----w- c:\programdata\Activeris
2014-03-20 17:43 . 2014-03-27 14:26 -------- d-----w- c:\program files (x86)\Activeris AntiMalware
2014-03-20 17:43 . 2014-03-20 17:43 -------- d-----w- C:\temp
2014-03-20 16:52 . 2014-04-01 19:29 -------- d-----w- c:\program files\CCleaner
2014-03-18 17:17 . 2014-03-28 03:01 -------- d-----w- c:\program files\Microsoft Silverlight
2014-03-16 23:09 . 2014-03-20 18:04 -------- d-----w- c:\users\milan\AppData\Roaming\Free Download Manager
2014-03-16 18:08 . 2014-03-16 18:08 -------- d-----w- c:\users\milan\AppData\Local\Macromedia
2014-03-16 13:56 . 2014-03-16 13:56 -------- d-----w- c:\users\milan\AppData\Local\Mozilla
2014-03-16 13:56 . 2014-03-27 14:27 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-03-16 13:51 . 2014-03-28 03:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-03-16 13:47 . 2014-03-16 13:47 -------- d-----w- c:\users\milan\AppData\Roaming\viddyhddownload
2014-03-16 13:39 . 2012-04-09 00:40 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-03-16 13:38 . 2014-03-27 17:08 -------- d-----w- c:\users\milan\AppData\Local\GCC
2014-03-11 17:33 . 2014-03-01 04:52 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-11 17:32 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-11 17:32 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-11 17:32 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-11 17:32 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-28 03:03 . 2012-06-02 16:11 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-16 23:55 . 2013-12-19 20:31 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-03-16 18:32 . 2013-12-08 19:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-16 18:32 . 2013-12-08 19:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-25 17:46 . 2014-02-25 17:49 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-25 16:15 . 2014-02-25 16:15 82432 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-02-25 16:15 . 2014-02-25 16:15 44544 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-02-25 16:15 . 2014-02-25 16:15 1275392 ----a-w- c:\users\milan\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-16 00:42 . 2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll
2012-03-14 00:17 . 2013-12-08 21:10 161736 ----a-w- c:\program files (x86)\gtres.dll
2012-03-14 00:17 . 2013-12-08 21:10 689552 ----a-w- c:\program files (x86)\gtUninstall GamingWonderland.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 wStLib64;wStLib64;c:\windows\system32\drivers\wStLib64.sys;c:\windows\SYSNATIVE\drivers\wStLib64.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]
"Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 418336]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13662936]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\30e24fal.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
AddRemove-ba6377be-ab81-4ff1-b16d-c810d21c3636 - c:\program files (x86)\Buzz-it-soft\Uninstall.exe
AddRemove-BetterExperience - c:\programdata\BetterExperience\uninstall.exe
AddRemove-FileParade Bundle - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-GigaClicks Crawler - c:\users\milan\AppData\Local\GCC\uninstall.exe
AddRemove-MediaViewV1alpha8613 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha8613\uninstall.exe
AddRemove-ViddyHD - c:\program files (x86)\Free Download Manager\uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4326\uninstall.exe
AddRemove-{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B} - c:\programdata\Updater\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Completion time: 2014-04-01 21:52:23 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-01 20:52
ComboFix2.txt 2014-04-01 19:05
.
Pre-Run: 120,309,465,088 bytes free
Post-Run: 119,935,799,296 bytes free
.
- - End Of File - - 41F5598AD521DC34F9BE875D2F0C5BDE
A36C5E4F47E84449FF07ED3517B43A31

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus-infected PC, 3 years without a cleanup

#10 Post by vyosek »

How is the PC behaving?
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Fony
Visitor
Posts: 27
Registered: 10 Dec 2009 19:35
Location: Ruzomberok

Re: virus-infected PC, 3 years without a cleanup

#11 Post by Fony »

It is much better, it is fast again, and the pop-up windows are not appearing so far; the only thing is that I am without an antivirus.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus-infected PC, 3 years without a cleanup

#12 Post by vyosek »

So let's also clean up.

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download it and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download it and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download it and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • Click Scan for Issues
  • Then Fix Issues - I recommend making a registry backup; fix all the issues
  • Repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|
