Zdravím,
mám problém, internetové připojení se zdá, že jde normálně, ale když chci hrát nějakou online hru, odezva je strašlivě veliká (Ping se pohybuje stále okolo 300 a někdy i výš). Mám podezření, že se může jednat o virus, či nějaký jiný program.
Mohu poprosit o log systému?
Předem děkuji.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vysoká odezva
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Vysoká odezva
Naposledy upravil(a) Elisek dne 26 dub 2014 17:59, celkem upraveno 1 x.
Re: Vysoká odezva
Zdravim, pekny vecer preji a vitam Vas u nas na foru 
Dejte tedy na uvod log z RSIT dle tohoto navodu
Dejte tedy na uvod log z RSIT dle tohoto navodu"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
Logfile of random's system information tool 1.09 (written by random/random)
Run by Rodina at 2014-04-24 20:11:01
Microsoft Windows 7 Ultimate
System drive C: has 6 GB (3%) free of 220 GB
Total RAM: 3070 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:09, on 24.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
C:\Users\Rodina\AppData\Local\VNT\vntldr.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SndVol.exe
C:\Users\Rodina\Downloads\RSIT.exe
C:\Users\Rodina\Downloads\RSIT.exe
C:\Program Files\trend micro\Rodina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ATU4-V7 ... 04-07&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.nasi.ova.czf:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {41545534-2D56-3743-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll" (file missing)
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files\Speed Analysis 3\ScriptHost.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {FF103732-4528-4322-AA8B-F7849AB7776B} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {41545534-2D56-3743-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll" (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32B130FX05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 11034 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\Registry Optimizer_DEFAULT.job
C:\Windows\tasks\Registry Optimizer_UPDATES.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
prefs.js - "browser.search.useDBForOrder" - true
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\searchplugins\
babylon.xml
BrowserProtect.xml
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-12-18 64264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-2D56-3743-00A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll [2014-03-19 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}]
Speed Analysis 3 - C:\Program Files\Speed Analysis 3\ScriptHost.dll [2013-08-28 400704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-27 170416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll [2012-11-06 183112]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
{41545534-2D56-3743-00A7-7A786E7484D7} - Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll [2014-03-19 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"4StoryPrePatch"=C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-03-19 1801168]
"VNT"=C:\Program Files\VNT\vntldr.exe [2014-03-19 196048]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-04-15 3814736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"Facebook Update"=C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-19 138096]
"CatalinaGroup Update"=C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2013-10-27 147440]
"Google Update"=C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-13 116648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.siren"=sirenacm.dll
"VIDC.FMVC"=fmcodec.dll
"VIDC.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-24 20:08:42 ----D---- C:\Program Files\trend micro
2014-04-24 20:08:41 ----D---- C:\rsit
2014-04-17 14:37:41 ----D---- C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00:03 ----D---- C:\Program Files\Kozí šílenost
2014-04-16 21:57:21 ----D---- C:\Program Files\references
2014-04-16 21:55:01 ----D---- C:\Program Files\Uninstall
2014-04-16 21:55:01 ----D---- C:\Program Files\redist
2014-04-16 21:55:01 ----D---- C:\2-click run
2014-04-07 22:07:22 ----D---- C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:07:10 ----D---- C:\Program Files\WinZip Registry Optimizer
2014-04-07 22:06:50 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-07 22:06:50 ----D---- C:\Program Files\VNT
2014-04-07 22:06:50 ----D---- C:\Program Files\AskPartnerNetwork
2014-04-07 22:06:36 ----D---- C:\ProgramData\APN
2014-04-07 19:17:21 ----D---- C:\ProgramData\Turbine
2014-04-07 19:15:44 ----D---- C:\ProgramData\HappyCloud
2014-03-27 15:42:34 ----D---- C:\ProgramData\Suafeuweb
2014-03-27 15:42:34 ----D---- C:\ProgramData\77a09a808bcb60cf
2014-03-27 15:42:34 ----D---- C:\Program Files\Suafeuweb
======List of files/folders modified in the last 1 month======
2014-04-24 20:11:05 ----D---- C:\Windows\Temp
2014-04-24 20:08:42 ----RD---- C:\Program Files
2014-04-24 20:07:32 ----D---- C:\Users\Rodina\AppData\Roaming\Skype
2014-04-24 19:46:49 ----D---- C:\Users\Rodina\AppData\Roaming\uTorrent
2014-04-24 19:44:02 ----D---- C:\Windows\system32\LogFiles
2014-04-24 19:44:02 ----D---- C:\Windows\Prefetch
2014-04-24 19:44:02 ----D---- C:\Windows
2014-04-24 18:48:59 ----D---- C:\ProgramData\NVIDIA
2014-04-22 20:30:20 ----D---- C:\Users\Rodina\AppData\Roaming\TS3Client
2014-04-20 19:13:27 ----D---- C:\Windows\system32\drivers
2014-04-20 14:42:50 ----D---- C:\Windows\system32\NDF
2014-04-19 19:02:27 ----D---- C:\Windows\System32
2014-04-19 19:02:27 ----D---- C:\Windows\inf
2014-04-19 19:02:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-18 12:47:32 ----D---- C:\Windows\system32\config
2014-04-18 12:19:31 ----SHD---- C:\System Volume Information
2014-04-17 14:38:14 ----SHD---- C:\Windows\Installer
2014-04-17 14:38:14 ----SHD---- C:\Config.Msi
2014-04-15 18:00:59 ----D---- C:\Windows\system32\catroot2
2014-04-14 13:19:52 ----D---- C:\Windows\system32\Tasks
2014-04-08 13:39:44 ----D---- C:\Windows\Tasks
2014-04-07 22:06:50 ----HD---- C:\ProgramData
2014-03-27 15:42:16 ----RD---- C:\Users
2014-03-27 15:41:25 ----D---- C:\ProgramData\InstallMate
2014-03-25 15:37:11 ----D---- C:\Users\Rodina\AppData\Roaming\.minecraft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-27 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 a8u2f288;a8u2f288; C:\Windows\system32\drivers\a8u2f288.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 49664]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-03-19 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-04-15 1682256]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-08 375056]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-30 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-30 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-30 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-28 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by Rodina at 2014-04-24 20:11:01
Microsoft Windows 7 Ultimate
System drive C: has 6 GB (3%) free of 220 GB
Total RAM: 3070 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:09, on 24.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
C:\Users\Rodina\AppData\Local\VNT\vntldr.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SndVol.exe
C:\Users\Rodina\Downloads\RSIT.exe
C:\Users\Rodina\Downloads\RSIT.exe
C:\Program Files\trend micro\Rodina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ATU4-V7 ... 04-07&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.nasi.ova.czf:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {41545534-2D56-3743-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll" (file missing)
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files\Speed Analysis 3\ScriptHost.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {FF103732-4528-4322-AA8B-F7849AB7776B} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {41545534-2D56-3743-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll" (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32B130FX05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 11034 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
C:\Windows\tasks\Registry Optimizer_DEFAULT.job
C:\Windows\tasks\Registry Optimizer_UPDATES.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
prefs.js - "browser.search.useDBForOrder" - true
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\searchplugins\
babylon.xml
BrowserProtect.xml
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-12-18 64264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-2D56-3743-00A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll [2014-03-19 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}]
Speed Analysis 3 - C:\Program Files\Speed Analysis 3\ScriptHost.dll [2013-08-28 400704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-27 170416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll [2012-11-06 183112]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
{41545534-2D56-3743-00A7-7A786E7484D7} - Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll [2014-03-19 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"4StoryPrePatch"=C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-03-19 1801168]
"VNT"=C:\Program Files\VNT\vntldr.exe [2014-03-19 196048]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-04-15 3814736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"Facebook Update"=C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-19 138096]
"CatalinaGroup Update"=C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2013-10-27 147440]
"Google Update"=C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-13 116648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.siren"=sirenacm.dll
"VIDC.FMVC"=fmcodec.dll
"VIDC.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-24 20:08:42 ----D---- C:\Program Files\trend micro
2014-04-24 20:08:41 ----D---- C:\rsit
2014-04-17 14:37:41 ----D---- C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00:03 ----D---- C:\Program Files\Kozí šílenost
2014-04-16 21:57:21 ----D---- C:\Program Files\references
2014-04-16 21:55:01 ----D---- C:\Program Files\Uninstall
2014-04-16 21:55:01 ----D---- C:\Program Files\redist
2014-04-16 21:55:01 ----D---- C:\2-click run
2014-04-07 22:07:22 ----D---- C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:07:10 ----D---- C:\Program Files\WinZip Registry Optimizer
2014-04-07 22:06:50 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-07 22:06:50 ----D---- C:\Program Files\VNT
2014-04-07 22:06:50 ----D---- C:\Program Files\AskPartnerNetwork
2014-04-07 22:06:36 ----D---- C:\ProgramData\APN
2014-04-07 19:17:21 ----D---- C:\ProgramData\Turbine
2014-04-07 19:15:44 ----D---- C:\ProgramData\HappyCloud
2014-03-27 15:42:34 ----D---- C:\ProgramData\Suafeuweb
2014-03-27 15:42:34 ----D---- C:\ProgramData\77a09a808bcb60cf
2014-03-27 15:42:34 ----D---- C:\Program Files\Suafeuweb
======List of files/folders modified in the last 1 month======
2014-04-24 20:11:05 ----D---- C:\Windows\Temp
2014-04-24 20:08:42 ----RD---- C:\Program Files
2014-04-24 20:07:32 ----D---- C:\Users\Rodina\AppData\Roaming\Skype
2014-04-24 19:46:49 ----D---- C:\Users\Rodina\AppData\Roaming\uTorrent
2014-04-24 19:44:02 ----D---- C:\Windows\system32\LogFiles
2014-04-24 19:44:02 ----D---- C:\Windows\Prefetch
2014-04-24 19:44:02 ----D---- C:\Windows
2014-04-24 18:48:59 ----D---- C:\ProgramData\NVIDIA
2014-04-22 20:30:20 ----D---- C:\Users\Rodina\AppData\Roaming\TS3Client
2014-04-20 19:13:27 ----D---- C:\Windows\system32\drivers
2014-04-20 14:42:50 ----D---- C:\Windows\system32\NDF
2014-04-19 19:02:27 ----D---- C:\Windows\System32
2014-04-19 19:02:27 ----D---- C:\Windows\inf
2014-04-19 19:02:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-18 12:47:32 ----D---- C:\Windows\system32\config
2014-04-18 12:19:31 ----SHD---- C:\System Volume Information
2014-04-17 14:38:14 ----SHD---- C:\Windows\Installer
2014-04-17 14:38:14 ----SHD---- C:\Config.Msi
2014-04-15 18:00:59 ----D---- C:\Windows\system32\catroot2
2014-04-14 13:19:52 ----D---- C:\Windows\system32\Tasks
2014-04-08 13:39:44 ----D---- C:\Windows\Tasks
2014-04-07 22:06:50 ----HD---- C:\ProgramData
2014-03-27 15:42:16 ----RD---- C:\Users
2014-03-27 15:41:25 ----D---- C:\ProgramData\InstallMate
2014-03-25 15:37:11 ----D---- C:\Users\Rodina\AppData\Roaming\.minecraft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-27 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 a8u2f288;a8u2f288; C:\Windows\system32\drivers\a8u2f288.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 49664]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-03-19 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-04-15 1682256]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-08 375056]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-30 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-30 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-30 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-28 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Vysoká odezva
Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
V tomto se nevyznám, takto jsem koupila počítač od známého. Tudíž netuším
Re: Vysoká odezva
No dobra, pro tentokrate to zkoumat nebudem, berte to jako prvotni odpusteni...Ale ze by Vam jen tak znamy prodal PC s licenci, jejiz cena se pohybuje nekde kolem 8000,- Jinak se tu ale nelegalnimi systemy nezabyvame a priste to bude podrobeno blizsi kontrole 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
1.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Rodina on źt 24.04.2014 at 20:45:21,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2665223569-581265439-3035855539-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_painttool-sai_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_painttool-sai_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_spore-creature-editor (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_spore-creature-editor (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{225326EE-3863-48A8-9B8D-B17C57373D08}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{49EF93F1-F97E-4CB5-9C55-91116F86AA1B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"
~~~ Files
Successfully deleted: [File] "C:\Users\Rodina\appdata\local\google\chrome\user data\default\local storage\http_facebook.conduitapps.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\speedanalysis3"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Users\Rodina\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Rodina\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files\winzip registry optimizer"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"
~~~ FireFox
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\user.js
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\searchplugins\browserprotect.xml
Successfully deleted: [Folder] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\smartbar
Successfully deleted: [Folder] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted the following from C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\prefs.js
user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM4NTM3NTAyNiwidXVpZCI6ODc2OTkwMzI5NTkzNDM2LCJzZXFfaWQiOjcsInNzYiI6MTM1OTY1NzM0N30=");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.Facebook_Mode.enc", "Mg==");
user_pref("CT3220468.Facebook_User_Locale.enc", "ZW4=");
user_pref("CT3220468.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.InstallDate", "29/1/2013 19:11:24");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U=");
user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA==");
user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzI3ODIwMTMyMDE0Mjg1MTU3OTA5");
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("CT3220468.UserID", "UN41754265177573147");
user_pref("CT3220468._key_cl_active", "%E7%B6%BF%BA%EA%E9%BC%EB%B3%B8%EB%B7%E8%B3%BA%BE%BB%E7%B3%BF%B7%E7%EA%B3%BA%B7%BE%EB%B8%BF%BA%BF%EA%BE%E7%BF");
user_pref("CT3220468._key_cl_active.enc", "YTA5NGRjNmUtMmUxYi00ODVhLTkxYWQtNDE4ZTI5NDlkOGE5");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cb_user_id_000.enc", "Q0I2ODk5MDIyMDQ1ODVfMTM2OTE0NDY5MTc0NV9GaXJlZm94");
user_pref("CT3220468.cbfirsttime.enc", "VGh1IEphbiAzMSAyMDEzIDE5OjM1OjQ2IEdNVCswMTAw");
user_pref("CT3220468.countryCode", "CZ");
user_pref("CT3220468.defaultSearch", "true");
user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN41754265177573147.UP.2116");
user_pref("CT3220468.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0xLGNsb3NlYnV0dG9uPTEsc2F2ZXJlc2l6ZWRzaXplPT
user_pref("CT3220468.installType", "xpe");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN4175426517757314
user_pref("CT3220468.lastVersion", "10.20.0.513");
user_pref("CT3220468.mam_gk_appStateReportTime", "%B7%B9%BE%BB%B9%BD%BB%B6%B8%BD%BC%BD%BB");
user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM4NTM3NTAyNzY3NQ==");
user_pref("CT3220468.mam_gk_appState_Clarity_Active", "%F5%F4");
user_pref("CT3220468.mam_gk_appState_Clarity_Active.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook_targeted.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_WindowShopper.enc", "b24=");
user_pref("CT3220468.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY
user_pref("CT3220468.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3220468.mam_gk_calledSetupService.enc", "MQ==");
user_pref("CT3220468.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BA%B4%B8");
user_pref("CT3220468.mam_gk_currentVersion.enc", "MS4xMS40LjI=");
user_pref("CT3220468.mam_gk_eventsCache.enc", "eyJhYjFjZTc0My1lMmEyLTQ1ZWEtOTI4NC0zNGRiOTY3NWUyMGQiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlv
user_pref("CT3220468.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
user_pref("CT3220468.mam_gk_first_time", "%B7");
user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
user_pref("CT3220468.mam_gk_gadgetOpen.enc", "d2VsY29tZQ==");
user_pref("CT3220468.mam_gk_globalKeysMigratedToLocalStorage", "%B7");
user_pref("CT3220468.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
user_pref("CT3220468.mam_gk_lastLoginTime", "%B7%B9%BE%BB%B9%BD%BB%B6%B8%BE%B6%B9%B9");
user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM4NTM3NTAyODAzMw==");
user_pref("CT3220468.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXB
user_pref("CT3220468.mam_gk_new_welcome_experience.enc", "MQ==");
user_pref("CT3220468.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3220468.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref("CT3220468.mam_gk_settings1.11.4.2", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref("CT3220468.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMjUiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3Q
user_pref("CT3220468.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3220468.mam_gk_stamp", "%BE%BA%E5%B6");
user_pref("CT3220468.mam_gk_stamp.enc", "ODRfMA==");
user_pref("CT3220468.mam_gk_userId", "%E7%BE%BA%E9%BE%EA%EC%B9%B3%BA%B8%B6%BD%B3%BA%BF%B9%BC%B3%E7%B7%EC%BB%B3%E8%E8%EB%BB%BA%E9%BD%BE%BC%BD%E9%B8");
user_pref("CT3220468.mam_gk_userId.enc", "YTg0YzhkZjMtNDIwNy00OTM2LWExZjUtYmJlNTRjNzg2N2My");
user_pref("CT3220468.mam_gk_user_approval_interacted", "%B7");
user_pref("CT3220468.mam_gk_user_approval_interacted.enc", "MQ==");
user_pref("CT3220468.mam_gk_welcomeDialogMode", "%B7");
user_pref("CT3220468.mam_gk_welcomeDialogMode.enc", "MQ==");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2FResults.aspx%3Fq%3Dseznam.cz%26Suggest%3Dsezna
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "false");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("CT3220468.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/22\\\\/2013 00\\\"}\"}");
user_pref("CT3220468.price-gong.isManagedApp", "true");
user_pref("CT3220468.revertSettingsEnabled", "true");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "0");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "true");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}");
user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1385375020134");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1385067100831");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1385375020067");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1385067100665");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1385066982209");
user_pref("CT3220468.serviceLayer_services_login_10.20.0.513_lastUpdate", "1385375017833");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1385067100708");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1385375020129");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1385375017808");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1385375017976");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1385375020085");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1385375017947");
user_pref("CT3220468.serviceLayer_services_userApps_lastUpdate", "1385375020223");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.toolbarBornServerTime", "31-1-2013");
user_pref("CT3220468.toolbarCurrentServerTime", "25-11-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Mon Nov 25 2013 11:23:36 GMT+0100");
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5zbHVuZWNuaWNlLmN6L3N3L2dvb2dsZS1jaHJvbWUvc3RhaG5vdXQvOjo6Y2xpY2toYW5kbGVyOjo6MTM3NzYyNzEwODc0NiwsLGh0dHA6Ly93d3cuc2x
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385375018809,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI");
user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.search.defaultenginename", "uTorrentControl_v2 Customized Web Search");
user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.b
user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANU
user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.a
user_pref("smartbar.defaultSearchOwnerCTID", "CT3220468");
user_pref("smartbar.machineId", "XO8HXRTGXY1E8/N+8QICROVORDMHMEH3WUH2SIMW58OHH9TOF3BG85OJLYR5CUA2KYN6E0EE7TNC/N0JPK2SFG");
user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
user_pref("smartbar.originalSearchAddressUrl", "");
user_pref("smartbar.originalSearchEngine", false);
~~~ Chrome
Failed to delete: [Folder] C:\Users\Rodina\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Folder] C:\Users\Rodina\appdata\local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Successfully deleted: [Folder] C:\Users\Rodina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 24.04.2014 at 20:51:57,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.
# AdwCleaner v3.202 - Report created 24/04/2014 at 20:59:38
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Rodina - RODINA-PC
# Running from : C:\Users\Rodina\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Speed Analysis 3
Folder Deleted : C:\Users\Rodina\AppData\Local\Conduit
Folder Deleted : C:\Users\Rodina\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Rodina\AppData\Roaming\7go
File Deleted : C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi
File Deleted : C:\Users\Rodina\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKCU\Software\5c6d8d9b135ec46
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF103732-4528-4322-AA8B-F7849AB7776B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D5963F5-A8C3-46F1-8B52-3047EB48238E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70D1F708-14B4-4F44-B2E4-E15DD1436ABC}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16476
-\\ Mozilla Firefox v14.0.1 (cs)
[ File : C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js ]
Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN41754265177573147&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT3220468.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2FResults.aspx%3Fq%3Dseznam.cz%26Suggest%3Dsezna%26stype%3DHomepage%26use[...]
Line Deleted : user_pref("CT3220468.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/22\\\\/2013 00\\\"}\"}");
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385375018809,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.kango.storage.m2_k1", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k2", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k3", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k4", "1385519017789");
Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1385375155938");
Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v
[ File : C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3220468
Deleted [Search Provider] : hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121125&babsrc=SP_ss&mntrId=70605907000000000000001bfc5b526d
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=ATU4-V7C&o= ... earchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN ... 04-07&psv=
Deleted [Homepage] : hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=70605907000000000000001bfc5b526d
*************************
AdwCleaner[R0].txt - [12166 octets] - [24/04/2014 20:53:58]
AdwCleaner[S0].txt - [11636 octets] - [24/04/2014 20:59:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11697 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Rodina on źt 24.04.2014 at 20:45:21,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2665223569-581265439-3035855539-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_painttool-sai_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_painttool-sai_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_spore-creature-editor (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_spore-creature-editor (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{225326EE-3863-48A8-9B8D-B17C57373D08}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{49EF93F1-F97E-4CB5-9C55-91116F86AA1B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"
~~~ Files
Successfully deleted: [File] "C:\Users\Rodina\appdata\local\google\chrome\user data\default\local storage\http_facebook.conduitapps.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\speedanalysis3"
Successfully deleted: [Folder] "C:\Users\Rodina\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Users\Rodina\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Rodina\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files\winzip registry optimizer"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"
~~~ FireFox
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\user.js
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\searchplugins\browserprotect.xml
Successfully deleted: [Folder] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\smartbar
Successfully deleted: [Folder] C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted the following from C:\Users\Rodina\AppData\Roaming\mozilla\firefox\profiles\rlw8rv83.default\prefs.js
user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM4NTM3NTAyNiwidXVpZCI6ODc2OTkwMzI5NTkzNDM2LCJzZXFfaWQiOjcsInNzYiI6MTM1OTY1NzM0N30=");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.Facebook_Mode.enc", "Mg==");
user_pref("CT3220468.Facebook_User_Locale.enc", "ZW4=");
user_pref("CT3220468.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.InstallDate", "29/1/2013 19:11:24");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U=");
user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA==");
user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzI3ODIwMTMyMDE0Mjg1MTU3OTA5");
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("CT3220468.UserID", "UN41754265177573147");
user_pref("CT3220468._key_cl_active", "%E7%B6%BF%BA%EA%E9%BC%EB%B3%B8%EB%B7%E8%B3%BA%BE%BB%E7%B3%BF%B7%E7%EA%B3%BA%B7%BE%EB%B8%BF%BA%BF%EA%BE%E7%BF");
user_pref("CT3220468._key_cl_active.enc", "YTA5NGRjNmUtMmUxYi00ODVhLTkxYWQtNDE4ZTI5NDlkOGE5");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cb_user_id_000.enc", "Q0I2ODk5MDIyMDQ1ODVfMTM2OTE0NDY5MTc0NV9GaXJlZm94");
user_pref("CT3220468.cbfirsttime.enc", "VGh1IEphbiAzMSAyMDEzIDE5OjM1OjQ2IEdNVCswMTAw");
user_pref("CT3220468.countryCode", "CZ");
user_pref("CT3220468.defaultSearch", "true");
user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN41754265177573147.UP.2116");
user_pref("CT3220468.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0xLGNsb3NlYnV0dG9uPTEsc2F2ZXJlc2l6ZWRzaXplPT
user_pref("CT3220468.installType", "xpe");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN4175426517757314
user_pref("CT3220468.lastVersion", "10.20.0.513");
user_pref("CT3220468.mam_gk_appStateReportTime", "%B7%B9%BE%BB%B9%BD%BB%B6%B8%BD%BC%BD%BB");
user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM4NTM3NTAyNzY3NQ==");
user_pref("CT3220468.mam_gk_appState_Clarity_Active", "%F5%F4");
user_pref("CT3220468.mam_gk_appState_Clarity_Active.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_Easytobook_targeted.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_WindowShopper.enc", "b24=");
user_pref("CT3220468.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY
user_pref("CT3220468.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3220468.mam_gk_calledSetupService.enc", "MQ==");
user_pref("CT3220468.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BA%B4%B8");
user_pref("CT3220468.mam_gk_currentVersion.enc", "MS4xMS40LjI=");
user_pref("CT3220468.mam_gk_eventsCache.enc", "eyJhYjFjZTc0My1lMmEyLTQ1ZWEtOTI4NC0zNGRiOTY3NWUyMGQiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlv
user_pref("CT3220468.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
user_pref("CT3220468.mam_gk_first_time", "%B7");
user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
user_pref("CT3220468.mam_gk_gadgetOpen.enc", "d2VsY29tZQ==");
user_pref("CT3220468.mam_gk_globalKeysMigratedToLocalStorage", "%B7");
user_pref("CT3220468.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
user_pref("CT3220468.mam_gk_lastLoginTime", "%B7%B9%BE%BB%B9%BD%BB%B6%B8%BE%B6%B9%B9");
user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM4NTM3NTAyODAzMw==");
user_pref("CT3220468.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXB
user_pref("CT3220468.mam_gk_new_welcome_experience.enc", "MQ==");
user_pref("CT3220468.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3220468.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjo
user_pref("CT3220468.mam_gk_settings1.11.4.2", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0%u0101%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%
user_pref("CT3220468.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMjUiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijg0XzAiLCJpc1Rlc3Q
user_pref("CT3220468.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3220468.mam_gk_stamp", "%BE%BA%E5%B6");
user_pref("CT3220468.mam_gk_stamp.enc", "ODRfMA==");
user_pref("CT3220468.mam_gk_userId", "%E7%BE%BA%E9%BE%EA%EC%B9%B3%BA%B8%B6%BD%B3%BA%BF%B9%BC%B3%E7%B7%EC%BB%B3%E8%E8%EB%BB%BA%E9%BD%BE%BC%BD%E9%B8");
user_pref("CT3220468.mam_gk_userId.enc", "YTg0YzhkZjMtNDIwNy00OTM2LWExZjUtYmJlNTRjNzg2N2My");
user_pref("CT3220468.mam_gk_user_approval_interacted", "%B7");
user_pref("CT3220468.mam_gk_user_approval_interacted.enc", "MQ==");
user_pref("CT3220468.mam_gk_welcomeDialogMode", "%B7");
user_pref("CT3220468.mam_gk_welcomeDialogMode.enc", "MQ==");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2FResults.aspx%3Fq%3Dseznam.cz%26Suggest%3Dsezna
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "false");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("CT3220468.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/22\\\\/2013 00\\\"}\"}");
user_pref("CT3220468.price-gong.isManagedApp", "true");
user_pref("CT3220468.revertSettingsEnabled", "true");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "0");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "true");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}");
user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1385375020134");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1385067100831");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1385375020067");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1385067100665");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1385066982209");
user_pref("CT3220468.serviceLayer_services_login_10.20.0.513_lastUpdate", "1385375017833");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1385067100708");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1385375020129");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1385375017808");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1385375017976");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1385375020085");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1385375017947");
user_pref("CT3220468.serviceLayer_services_userApps_lastUpdate", "1385375020223");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.toolbarBornServerTime", "31-1-2013");
user_pref("CT3220468.toolbarCurrentServerTime", "25-11-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Mon Nov 25 2013 11:23:36 GMT+0100");
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5zbHVuZWNuaWNlLmN6L3N3L2dvb2dsZS1jaHJvbWUvc3RhaG5vdXQvOjo6Y2xpY2toYW5kbGVyOjo6MTM3NzYyNzEwODc0NiwsLGh0dHA6Ly93d3cuc2x
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385375018809,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI");
user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.search.defaultenginename", "uTorrentControl_v2 Customized Web Search");
user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.b
user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANU
user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.a
user_pref("smartbar.defaultSearchOwnerCTID", "CT3220468");
user_pref("smartbar.machineId", "XO8HXRTGXY1E8/N+8QICROVORDMHMEH3WUH2SIMW58OHH9TOF3BG85OJLYR5CUA2KYN6E0EE7TNC/N0JPK2SFG");
user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
user_pref("smartbar.originalSearchAddressUrl", "");
user_pref("smartbar.originalSearchEngine", false);
~~~ Chrome
Failed to delete: [Folder] C:\Users\Rodina\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Folder] C:\Users\Rodina\appdata\local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Successfully deleted: [Folder] C:\Users\Rodina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 24.04.2014 at 20:51:57,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.
# AdwCleaner v3.202 - Report created 24/04/2014 at 20:59:38
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Rodina - RODINA-PC
# Running from : C:\Users\Rodina\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Speed Analysis 3
Folder Deleted : C:\Users\Rodina\AppData\Local\Conduit
Folder Deleted : C:\Users\Rodina\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Rodina\AppData\Roaming\7go
File Deleted : C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi
File Deleted : C:\Users\Rodina\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 3.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKCU\Software\5c6d8d9b135ec46
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24F3378A-5B52-491F-AD90-88D583C42C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58B849FB-ECBE-4F1B-BEE0-2DC418CF68F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15998F3C-BBA9-476D-8FC2-09BE9E3B8751}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A09B0156-EFCE-46B4-9118-BC270EA654C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D88E0FD9-31EB-48EF-BC89-35EBCE0E813C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF103732-4528-4322-AA8B-F7849AB7776B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D5963F5-A8C3-46F1-8B52-3047EB48238E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70D1F708-14B4-4F44-B2E4-E15DD1436ABC}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16476
-\\ Mozilla Firefox v14.0.1 (cs)
[ File : C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js ]
Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN41754265177573147&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT3220468.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2FResults.aspx%3Fq%3Dseznam.cz%26Suggest%3Dsezna%26stype%3DHomepage%26use[...]
Line Deleted : user_pref("CT3220468.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"11\\\\/22\\\\/2013 00\\\"}\"}");
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385375018809,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.kango.storage.m2_k1", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k2", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k3", "0");
Line Deleted : user_pref("extensions.kango.storage.m2_k4", "1385519017789");
Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1385375155938");
Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v
[ File : C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3220468
Deleted [Search Provider] : hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121125&babsrc=SP_ss&mntrId=70605907000000000000001bfc5b526d
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=ATU4-V7C&o= ... earchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN ... 04-07&psv=
Deleted [Homepage] : hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=70605907000000000000001bfc5b526d
*************************
AdwCleaner[R0].txt - [12166 octets] - [24/04/2014 20:53:58]
AdwCleaner[S0].txt - [11636 octets] - [24/04/2014 20:59:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11697 octets] ##########
Re: Vysoká odezva
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Rodina on źt 24.04.2014 at 21:51:19,75.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rodina\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-24-194722.log 483 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js:
user_pref("browser.search.order.1", "Mixi.DJ Search");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
user.js not found
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.id", "\"bfa5e2e5-5499-d1ee-0b8a-9d1d9a779840\"");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.mzID", "81");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.uuid", "\"2766e973-52ee-11e3-8099-0025901ef77c\"");
---- Lines SpeedAnalysis modified from prefs.js ----
user_pref("extensions.enabledAddons", "{97A78363-B868-4B48-AC91-A783A31215AF}:2.0.1,{7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.20.0.513,speedanalysis03
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- Lines {17E113E6-CD0E-4045-B154-65F0E57959EF} removed from prefs.js ----
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.extensionFirstRun", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.lastExtensionVersion", "2.0.0.429");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_IMPI_dailyPing", "true|||1369231090939");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_IMPI_Installed", "true|||8641369144691022");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_installer_name", "ImpiSetup.exe");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_product_name", "IMPI");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_product_version", "2.0.0.429");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_pxl_IMPI_dailyPing", "dailyPing|||1369231090957");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_toolbarID", "b3269379bdf44cd38afafd7e7579caa8");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_whitespace_installation_date", "1369144691662|||8641369144691662");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.setdefaultsearch_2.0.0.429", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.setdnscatch_2.0.0.429", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.sethomepage_2.0.0.429", false);
---- FireFox user.js and prefs.js backups ----
prefs_24.04.2014_2201_.backup
==== Deleting Files \ Folders ======================
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\speedanalysis03@SpeedAnalysis.com.xpi not found
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Rodina\AppData\Local\CRE deleted
C:\Users\Rodina\AppData\Local\SevereWeatherAlerts deleted
C:\Users\Rodina\AppData\Local\Weather_Notifications,_LL deleted
C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts deleted
C:\Users\Rodina\Downloads\iLividSetup-r484-n-bc.exe deleted
C:\Users\Rodina\Downloads\SoftonicDownloader_for_painttool-sai.exe deleted
C:\Users\Rodina\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\Windows\System32\SETE7AB.tmp deleted
C:\Windows\System32\SETE849.tmp deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\searchplugins\utorrentcontrolv2-customized-web-search.xml deleted
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\CT3220468 deleted
"C:\PROGRA~2\77a09a808bcb60cf\{497C131E-2032-051B-B32A-C69A960FBB13}" deleted
"C:\PROGRA~2\77a09a808bcb60cf" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22.05.2013 17:49]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
- 7Go Games - %ProfilePath%\extensions\7go@7go.com.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
0D80C49D9A4A3E096296C67BD015F614 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
CB058B7AEC8BA542570678C4BE9F339A - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U10
7D35CB60201CED2F01AE06F1816231E2 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.100.18
667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Rodina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\7go@7go.com.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bcfjehbfanfhgoehogmbiebedkidedjb - C:\Users\Rodina\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx[]
nkjddnjnldjjnbjahcinkhkchijbjcmn - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bcfjehbfanfhgoehogmbiebedkidedjb - C:\Users\Rodina\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx[]
safeweeb - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
safeweeb - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
safeweeb - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
Facebook for Chrome - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp
Cargo Bridge - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn
Canvas Rider - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk
==== Chrome Fix ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentcontrolv2.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slender.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_surgeon-simulator-2013.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mcskinsearch.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
==== Reset Google Chrome ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
==== Empty IE Cache ======================
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rodina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Rodina\AppData\Local\Mozilla\Firefox\Profiles\rlw8rv83.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=226 folders=42 42500670 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rodina\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Rodina\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Rodina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on źt 24.04.2014 at 22:12:00,52 ======================
Tool run by Rodina on źt 24.04.2014 at 21:51:19,75.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rodina\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-24-194722.log 483 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41545534-2D56-3743-00A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js:
user_pref("browser.search.order.1", "Mixi.DJ Search");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
user.js not found
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.id", "\"bfa5e2e5-5499-d1ee-0b8a-9d1d9a779840\"");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.mzID", "81");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.uuid", "\"2766e973-52ee-11e3-8099-0025901ef77c\"");
---- Lines SpeedAnalysis modified from prefs.js ----
user_pref("extensions.enabledAddons", "{97A78363-B868-4B48-AC91-A783A31215AF}:2.0.1,{7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.20.0.513,speedanalysis03
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- Lines {17E113E6-CD0E-4045-B154-65F0E57959EF} removed from prefs.js ----
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.extensionFirstRun", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.lastExtensionVersion", "2.0.0.429");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_IMPI_dailyPing", "true|||1369231090939");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_IMPI_Installed", "true|||8641369144691022");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_installer_name", "ImpiSetup.exe");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_product_name", "IMPI");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_product_version", "2.0.0.429");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_pxl_IMPI_dailyPing", "dailyPing|||1369231090957");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_toolbarID", "b3269379bdf44cd38afafd7e7579caa8");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.ScriptData_whitespace_installation_date", "1369144691662|||8641369144691662");
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.setdefaultsearch_2.0.0.429", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.setdnscatch_2.0.0.429", false);
user_pref("{17E113E6-CD0E-4045-B154-65F0E57959EF}.sethomepage_2.0.0.429", false);
---- FireFox user.js and prefs.js backups ----
prefs_24.04.2014_2201_.backup
==== Deleting Files \ Folders ======================
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\speedanalysis03@SpeedAnalysis.com.xpi not found
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Rodina\AppData\Local\CRE deleted
C:\Users\Rodina\AppData\Local\SevereWeatherAlerts deleted
C:\Users\Rodina\AppData\Local\Weather_Notifications,_LL deleted
C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts deleted
C:\Users\Rodina\Downloads\iLividSetup-r484-n-bc.exe deleted
C:\Users\Rodina\Downloads\SoftonicDownloader_for_painttool-sai.exe deleted
C:\Users\Rodina\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\Windows\System32\SETE7AB.tmp deleted
C:\Windows\System32\SETE849.tmp deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\searchplugins\utorrentcontrolv2-customized-web-search.xml deleted
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\CT3220468 deleted
"C:\PROGRA~2\77a09a808bcb60cf\{497C131E-2032-051B-B32A-C69A960FBB13}" deleted
"C:\PROGRA~2\77a09a808bcb60cf" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22.05.2013 17:49]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
- 7Go Games - %ProfilePath%\extensions\7go@7go.com.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
0D80C49D9A4A3E096296C67BD015F614 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
CB058B7AEC8BA542570678C4BE9F339A - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U10
7D35CB60201CED2F01AE06F1816231E2 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.100.18
667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Rodina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default\extensions\7go@7go.com.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bcfjehbfanfhgoehogmbiebedkidedjb - C:\Users\Rodina\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx[]
nkjddnjnldjjnbjahcinkhkchijbjcmn - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU4-V7C\CRX\ToolbarCR.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bcfjehbfanfhgoehogmbiebedkidedjb - C:\Users\Rodina\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx[]
safeweeb - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
safeweeb - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
safeweeb - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp
Facebook for Chrome - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp
Cargo Bridge - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn
Canvas Rider - Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk
==== Chrome Fix ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentcontrolv2.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slender.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_surgeon-simulator-2013.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mcskinsearch.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocgcpkcncjocickhlcijingagmdkdlp deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
==== Reset Google Chrome ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
==== Empty IE Cache ======================
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rodina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Rodina\AppData\Local\Mozilla\Firefox\Profiles\rlw8rv83.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=226 folders=42 42500670 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rodina\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Rodina\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Rodina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on źt 24.04.2014 at 22:12:00,52 ======================
Re: Vysoká odezva
Co je další krok?
Pokud je to vše, tak problém přetrvává
Pokud je to vše, tak problém přetrvává
Re: Vysoká odezva
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2014 03
Ran by Rodina (administrator) on RODINA-PC on 26-04-2014 23:14:14
Running from C:\Users\Rodina\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(APN LLC.) C:\Users\Rodina\AppData\Local\VNT\vntldr.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(MAGIX®) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Facebook Update] => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-19] (Facebook Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [CatalinaGroup Update] => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-10-27] (Catalina Group Ltd.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Google Update] => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-13] (Google Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\MountPoints2: {1ab1e6b7-505c-11e2-a571-001bfc59c8a0} - E:\Install.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files\simplitec\simplicheck\simplicheck.exe (simplitec)
==================== Internet (Whitelisted) ====================
ProxyServer: proxy.nasi.ova.czf:3128
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=3 - C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll No File
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=9 - C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Rodina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Rodina\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Rodina\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-27]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-26]
CHR Extension: (Disk Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-26]
CHR Extension: (Peněženka Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-26]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
R3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682256 2014-04-15] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-12-27] ()
U3 al8mayvq; C:\Windows\system32\Drivers\al8mayvq.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-26 23:14 - 2014-04-26 23:14 - 00014268 _____ () C:\Users\Rodina\Desktop\FRST.txt
2014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-26 23:08 - 2014-04-26 23:14 - 00000000 ____D () C:\FRST
2014-04-26 23:07 - 2014-04-26 23:08 - 01049088 _____ (Farbar) C:\Users\Rodina\Desktop\FRST.exe
2014-04-26 22:26 - 2014-04-26 22:26 - 04762474 _____ () C:\Users\Rodina\Downloads\GTA SA .exe 1.0us.rar
2014-04-26 22:19 - 2014-04-26 22:28 - 00000000 ____D () C:\Users\Rodina\Documents\GTA San Andreas User Files
2014-04-26 22:19 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:18 - 2014-04-26 22:18 - 11990847 _____ () C:\Users\Rodina\Downloads\sa-mp-0.3z-R1-install (3).exe
2014-04-26 21:11 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX_MusicEditor
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 19:48 - 2014-04-26 21:11 - 00000000 ____D () C:\ProgramData\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Production_Suite_Download_Version
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-04-26 19:31 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\MAGIX
2014-04-26 19:30 - 2014-04-26 19:30 - 04076688 _____ (MAGIX AG) C:\Users\Rodina\Downloads\musicmaker_mx_productionsuite_dlm.exe
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Games
2014-04-24 22:18 - 2014-04-24 22:18 - 00000069 _____ () C:\Users\Rodina\Downloads\code_7441_54251_0.txt
2014-04-24 22:03 - 2014-04-24 21:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:52 - 2014-04-24 21:47 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:48 - 2014-04-24 21:50 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:46 - 2014-04-24 22:12 - 00015696 _____ () C:\zoek-results.log
2014-04-24 21:41 - 2014-04-24 21:43 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 22:02 - 00000000 ____D () C:\zoek_backup
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 21:39 - 2014-04-24 21:39 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 207767.crdownload
2014-04-24 20:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-24 20:53 - 2014-04-24 21:01 - 00000000 ____D () C:\AdwCleaner
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:08 - 2014-04-24 20:11 - 00000000 ____D () C:\Program Files\trend micro
2014-04-24 20:08 - 2014-04-24 20:09 - 00000000 ____D () C:\rsit
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-04-24 19:07 - 2014-04-24 19:08 - 736798720 _____ () C:\Users\Rodina\Downloads\Hangover.Part.III.2013.avi
2014-04-21 21:15 - 2014-04-21 21:15 - 00000163 _____ () C:\Users\Rodina\Downloads\code_7439_54249_0.txt
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\Program Files\Kozí šílenost
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goat Simulator 2014 v1.0.28141
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\references
2014-04-16 21:55 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\Uninstall
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\redist
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\2-click run
2014-04-16 18:25 - 2014-04-16 20:07 - 00000000 ____D () C:\Users\Rodina\Downloads\Goat Simulator 2014 v1.0.28141 (2-click run)
2014-04-16 16:24 - 2014-04-16 16:24 - 00003897 _____ () C:\Users\Rodina\Downloads\code_11595_79036_0.txt
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:06 - 2014-04-07 22:06 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Users\Rodina\AppData\Local\VNT
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\VNT
2014-04-07 22:04 - 2014-04-07 22:05 - 17282640 _____ (DsNET Corp) C:\Users\Rodina\Downloads\aTubeCatcher (1).exe
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Chromium
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Local\The Lord of the Rings Online
2014-04-07 19:28 - 2014-04-07 19:42 - 00000000 ____D () C:\Users\Rodina\Documents\The Lord of the Rings Online
2014-04-07 19:28 - 2014-04-07 19:29 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Turbine
2014-04-07 19:17 - 2014-04-07 19:44 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-07 19:15 - 2014-04-07 19:44 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-07 19:15 - 2014-04-07 19:15 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2014-04-07 19:12 - 2014-04-07 19:13 - 08711768 _____ () C:\Users\Rodina\Downloads\LOTROProgressive_4.28.exe
2014-04-03 12:11 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork (1).wmv
2014-04-03 12:10 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork.wmv
2014-03-27 22:08 - 2014-03-27 22:08 - 00000339 _____ () C:\Users\Rodina\Downloads\code_8523_60545_0.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
2014-03-27 15:41 - 2014-03-27 15:41 - 00323768 _____ (Puresafe) C:\Users\Rodina\Downloads\The Strangers 2008 UNRATED BRRip x264-EBX.exe
==================== One Month Modified Files and Folders =======
2014-04-26 23:14 - 2014-04-26 23:14 - 00014268 _____ () C:\Users\Rodina\Desktop\FRST.txt
2014-04-26 23:14 - 2014-04-26 23:08 - 00000000 ____D () C:\FRST
2014-04-26 23:13 - 2013-01-29 20:10 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\uTorrent
2014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-26 23:08 - 2014-04-26 23:07 - 01049088 _____ (Farbar) C:\Users\Rodina\Desktop\FRST.exe
2014-04-26 23:07 - 2014-01-17 20:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 23:03 - 2012-12-27 21:27 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Skype
2014-04-26 22:58 - 2014-03-25 15:19 - 00000000 ____D () C:\Users\Rodina\AppData\Local\LogMeIn Hamachi
2014-04-26 22:58 - 2009-07-14 06:34 - 00013584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 22:58 - 2009-07-14 06:34 - 00013584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 22:57 - 2013-10-27 17:47 - 00000996 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 22:42 - 2013-11-13 20:19 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 22:28 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\Documents\GTA San Andreas User Files
2014-04-26 22:26 - 2014-04-26 22:26 - 04762474 _____ () C:\Users\Rodina\Downloads\GTA SA .exe 1.0us.rar
2014-04-26 22:19 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:19 - 2013-02-02 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:18 - 2014-04-26 22:18 - 11990847 _____ () C:\Users\Rodina\Downloads\sa-mp-0.3z-R1-install (3).exe
2014-04-26 22:18 - 2013-06-30 14:11 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 22:08 - 2012-12-28 12:47 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-26 22:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-26 21:54 - 2012-12-27 21:36 - 00126952 _____ () C:\Users\Rodina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-26 21:12 - 2014-03-19 11:21 - 00191384 ____N () C:\Windows\WindowsUpdate.log
2014-04-26 21:11 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX
2014-04-26 21:11 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\MAGIX
2014-04-26 21:11 - 2014-04-26 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\MAGIX
2014-04-26 21:03 - 2013-08-19 14:58 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX_MusicEditor
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Production_Suite_Download_Version
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-04-26 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-04-26 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-26 19:42 - 2013-11-13 20:19 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-26 19:30 - 2014-04-26 19:30 - 04076688 _____ (MAGIX AG) C:\Users\Rodina\Downloads\musicmaker_mx_productionsuite_dlm.exe
2014-04-26 17:25 - 2013-06-30 14:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 17:25 - 2012-12-28 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-26 17:25 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Games
2014-04-25 22:19 - 2012-12-28 17:38 - 00000000 ___RD () C:\Users\Rodina\Desktop\hry
2014-04-25 16:57 - 2013-10-27 17:47 - 00000944 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-24 22:18 - 2014-04-24 22:18 - 00000069 _____ () C:\Users\Rodina\Downloads\code_7441_54251_0.txt
2014-04-24 22:12 - 2014-04-24 21:46 - 00015696 _____ () C:\zoek-results.log
2014-04-24 22:02 - 2014-04-24 21:40 - 00000000 ____D () C:\zoek_backup
2014-04-24 22:01 - 2013-09-14 18:56 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-04-24 21:51 - 2014-04-24 22:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:50 - 2014-04-24 21:48 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:47 - 2014-04-24 21:52 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:43 - 2014-04-24 21:41 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 21:39 - 2014-04-24 21:39 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 207767.crdownload
2014-04-24 21:01 - 2014-04-24 20:53 - 00000000 ____D () C:\AdwCleaner
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:11 - 2014-04-24 20:08 - 00000000 ____D () C:\Program Files\trend micro
2014-04-24 20:09 - 2014-04-24 20:08 - 00000000 ____D () C:\rsit
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-04-24 19:08 - 2014-04-24 19:07 - 736798720 _____ () C:\Users\Rodina\Downloads\Hangover.Part.III.2013.avi
2014-04-23 15:03 - 2013-08-19 14:58 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-22 20:30 - 2013-04-13 21:47 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\TS3Client
2014-04-22 16:20 - 2011-02-25 17:58 - 00000000 ___RD () C:\Users\Rodina\Desktop\Sem nelez
2014-04-21 21:15 - 2014-04-21 21:15 - 00000163 _____ () C:\Users\Rodina\Downloads\code_7439_54249_0.txt
2014-04-20 15:39 - 2013-10-23 16:49 - 00000000 ___RD () C:\Users\Rodina\Desktop\Hudba
2014-04-20 14:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-19 19:02 - 2007-01-01 09:52 - 01585238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\Program Files\Kozí šílenost
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goat Simulator 2014 v1.0.28141
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\references
2014-04-16 21:57 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\Uninstall
2014-04-16 21:57 - 2014-01-28 17:06 - 00000000 ____D () C:\Users\Rodina\Documents\My Games
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\redist
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\2-click run
2014-04-16 20:07 - 2014-04-16 18:25 - 00000000 ____D () C:\Users\Rodina\Downloads\Goat Simulator 2014 v1.0.28141 (2-click run)
2014-04-16 16:24 - 2014-04-16 16:24 - 00003897 _____ () C:\Users\Rodina\Downloads\code_11595_79036_0.txt
2014-04-11 20:52 - 2013-09-16 21:53 - 00002370 _____ () C:\Users\Rodina\Desktop\Google Chrome.lnk
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:06 - 2014-04-07 22:06 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Users\Rodina\AppData\Local\VNT
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\VNT
2014-04-07 22:05 - 2014-04-07 22:04 - 17282640 _____ (DsNET Corp) C:\Users\Rodina\Downloads\aTubeCatcher (1).exe
2014-04-07 19:44 - 2014-04-07 19:17 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-07 19:44 - 2014-04-07 19:15 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-07 19:42 - 2014-04-07 19:28 - 00000000 ____D () C:\Users\Rodina\Documents\The Lord of the Rings Online
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Chromium
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Local\The Lord of the Rings Online
2014-04-07 19:29 - 2014-04-07 19:28 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Turbine
2014-04-07 19:15 - 2014-04-07 19:15 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2014-04-07 19:13 - 2014-04-07 19:12 - 08711768 _____ () C:\Users\Rodina\Downloads\LOTROProgressive_4.28.exe
2014-04-03 12:11 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork (1).wmv
2014-04-03 12:11 - 2014-04-03 12:10 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork.wmv
2014-03-27 22:08 - 2014-03-27 22:08 - 00000339 _____ () C:\Users\Rodina\Downloads\code_8523_60545_0.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
2014-03-27 15:41 - 2014-03-27 15:41 - 00323768 _____ (Puresafe) C:\Users\Rodina\Downloads\The Strangers 2008 UNRATED BRRip x264-EBX.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll
[2009-07-14 01:40] - [2009-07-14 03:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 1499.76 MB
Total physical RAM: 3070.49 MB
Percentage of memory in use: 51%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Rodina\Desktop" je 72421 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Rodina (administrator) on RODINA-PC on 26-04-2014 23:14:14
Running from C:\Users\Rodina\Desktop
Microsoft Windows 7 Ultimate (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(APN LLC.) C:\Users\Rodina\AppData\Local\VNT\vntldr.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(MAGIX®) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rodina\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Facebook Update] => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-19] (Facebook Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [CatalinaGroup Update] => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-10-27] (Catalina Group Ltd.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Google Update] => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-13] (Google Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\MountPoints2: {1ab1e6b7-505c-11e2-a571-001bfc59c8a0} - E:\Install.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files\simplitec\simplicheck\simplicheck.exe (simplitec)
==================== Internet (Whitelisted) ====================
ProxyServer: proxy.nasi.ova.czf:3128
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Rodina\AppData\Roaming\Mozilla\Firefox\Profiles\rlw8rv83.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=3 - C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll No File
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=9 - C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Rodina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Rodina\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Rodina\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-27]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-26]
CHR Extension: (Disk Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-26]
CHR Extension: (Peněženka Google) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Rodina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-26]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
R3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682256 2014-04-15] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-12-27] ()
U3 al8mayvq; C:\Windows\system32\Drivers\al8mayvq.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-26 23:14 - 2014-04-26 23:14 - 00014268 _____ () C:\Users\Rodina\Desktop\FRST.txt
2014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-26 23:08 - 2014-04-26 23:14 - 00000000 ____D () C:\FRST
2014-04-26 23:07 - 2014-04-26 23:08 - 01049088 _____ (Farbar) C:\Users\Rodina\Desktop\FRST.exe
2014-04-26 22:26 - 2014-04-26 22:26 - 04762474 _____ () C:\Users\Rodina\Downloads\GTA SA .exe 1.0us.rar
2014-04-26 22:19 - 2014-04-26 22:28 - 00000000 ____D () C:\Users\Rodina\Documents\GTA San Andreas User Files
2014-04-26 22:19 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:18 - 2014-04-26 22:18 - 11990847 _____ () C:\Users\Rodina\Downloads\sa-mp-0.3z-R1-install (3).exe
2014-04-26 21:11 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX_MusicEditor
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 19:48 - 2014-04-26 21:11 - 00000000 ____D () C:\ProgramData\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Production_Suite_Download_Version
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-04-26 19:31 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\MAGIX
2014-04-26 19:30 - 2014-04-26 19:30 - 04076688 _____ (MAGIX AG) C:\Users\Rodina\Downloads\musicmaker_mx_productionsuite_dlm.exe
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Games
2014-04-24 22:18 - 2014-04-24 22:18 - 00000069 _____ () C:\Users\Rodina\Downloads\code_7441_54251_0.txt
2014-04-24 22:03 - 2014-04-24 21:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:52 - 2014-04-24 21:47 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:48 - 2014-04-24 21:50 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:46 - 2014-04-24 22:12 - 00015696 _____ () C:\zoek-results.log
2014-04-24 21:41 - 2014-04-24 21:43 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 22:02 - 00000000 ____D () C:\zoek_backup
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 21:39 - 2014-04-24 21:39 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 207767.crdownload
2014-04-24 20:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-24 20:53 - 2014-04-24 21:01 - 00000000 ____D () C:\AdwCleaner
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:08 - 2014-04-24 20:11 - 00000000 ____D () C:\Program Files\trend micro
2014-04-24 20:08 - 2014-04-24 20:09 - 00000000 ____D () C:\rsit
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-04-24 19:07 - 2014-04-24 19:08 - 736798720 _____ () C:\Users\Rodina\Downloads\Hangover.Part.III.2013.avi
2014-04-21 21:15 - 2014-04-21 21:15 - 00000163 _____ () C:\Users\Rodina\Downloads\code_7439_54249_0.txt
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\Program Files\Kozí šílenost
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goat Simulator 2014 v1.0.28141
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\references
2014-04-16 21:55 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\Uninstall
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\redist
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\2-click run
2014-04-16 18:25 - 2014-04-16 20:07 - 00000000 ____D () C:\Users\Rodina\Downloads\Goat Simulator 2014 v1.0.28141 (2-click run)
2014-04-16 16:24 - 2014-04-16 16:24 - 00003897 _____ () C:\Users\Rodina\Downloads\code_11595_79036_0.txt
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:06 - 2014-04-07 22:06 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Users\Rodina\AppData\Local\VNT
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\VNT
2014-04-07 22:04 - 2014-04-07 22:05 - 17282640 _____ (DsNET Corp) C:\Users\Rodina\Downloads\aTubeCatcher (1).exe
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Chromium
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Local\The Lord of the Rings Online
2014-04-07 19:28 - 2014-04-07 19:42 - 00000000 ____D () C:\Users\Rodina\Documents\The Lord of the Rings Online
2014-04-07 19:28 - 2014-04-07 19:29 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Turbine
2014-04-07 19:17 - 2014-04-07 19:44 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-07 19:15 - 2014-04-07 19:44 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-07 19:15 - 2014-04-07 19:15 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2014-04-07 19:12 - 2014-04-07 19:13 - 08711768 _____ () C:\Users\Rodina\Downloads\LOTROProgressive_4.28.exe
2014-04-03 12:11 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork (1).wmv
2014-04-03 12:10 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork.wmv
2014-03-27 22:08 - 2014-03-27 22:08 - 00000339 _____ () C:\Users\Rodina\Downloads\code_8523_60545_0.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
2014-03-27 15:41 - 2014-03-27 15:41 - 00323768 _____ (Puresafe) C:\Users\Rodina\Downloads\The Strangers 2008 UNRATED BRRip x264-EBX.exe
==================== One Month Modified Files and Folders =======
2014-04-26 23:14 - 2014-04-26 23:14 - 00014268 _____ () C:\Users\Rodina\Desktop\FRST.txt
2014-04-26 23:14 - 2014-04-26 23:08 - 00000000 ____D () C:\FRST
2014-04-26 23:13 - 2013-01-29 20:10 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\uTorrent
2014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-26 23:08 - 2014-04-26 23:07 - 01049088 _____ (Farbar) C:\Users\Rodina\Desktop\FRST.exe
2014-04-26 23:07 - 2014-01-17 20:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 23:03 - 2012-12-27 21:27 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Skype
2014-04-26 22:58 - 2014-03-25 15:19 - 00000000 ____D () C:\Users\Rodina\AppData\Local\LogMeIn Hamachi
2014-04-26 22:58 - 2009-07-14 06:34 - 00013584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 22:58 - 2009-07-14 06:34 - 00013584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 22:57 - 2013-10-27 17:47 - 00000996 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 22:42 - 2013-11-13 20:19 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 22:28 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\Documents\GTA San Andreas User Files
2014-04-26 22:26 - 2014-04-26 22:26 - 04762474 _____ () C:\Users\Rodina\Downloads\GTA SA .exe 1.0us.rar
2014-04-26 22:19 - 2014-04-26 22:19 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:19 - 2013-02-02 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-26 22:18 - 2014-04-26 22:18 - 11990847 _____ () C:\Users\Rodina\Downloads\sa-mp-0.3z-R1-install (3).exe
2014-04-26 22:18 - 2013-06-30 14:11 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 22:08 - 2012-12-28 12:47 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-26 22:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-26 21:54 - 2012-12-27 21:36 - 00126952 _____ () C:\Users\Rodina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-26 21:12 - 2014-03-19 11:21 - 00191384 ____N () C:\Windows\WindowsUpdate.log
2014-04-26 21:11 - 2014-04-26 21:11 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX
2014-04-26 21:11 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\MAGIX
2014-04-26 21:11 - 2014-04-26 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\MAGIX
2014-04-26 21:03 - 2013-08-19 14:58 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\Users\Rodina\Documents\MAGIX_MusicEditor
2014-04-26 19:51 - 2014-04-26 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Users\Public\Documents\MAGIX_Music_Maker_MX_Production_Suite_Download_Version
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\simplitec
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\MAGIX
2014-04-26 19:48 - 2014-04-26 19:48 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-04-26 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-04-26 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-26 19:42 - 2013-11-13 20:19 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-26 19:30 - 2014-04-26 19:30 - 04076688 _____ (MAGIX AG) C:\Users\Rodina\Downloads\musicmaker_mx_productionsuite_dlm.exe
2014-04-26 17:25 - 2013-06-30 14:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 17:25 - 2012-12-28 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-26 17:25 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlagueInc 1.0
2014-04-25 22:20 - 2014-04-25 22:20 - 00000000 ____D () C:\Games
2014-04-25 22:19 - 2012-12-28 17:38 - 00000000 ___RD () C:\Users\Rodina\Desktop\hry
2014-04-25 16:57 - 2013-10-27 17:47 - 00000944 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-24 22:18 - 2014-04-24 22:18 - 00000069 _____ () C:\Users\Rodina\Downloads\code_7441_54251_0.txt
2014-04-24 22:12 - 2014-04-24 21:46 - 00015696 _____ () C:\zoek-results.log
2014-04-24 22:02 - 2014-04-24 21:40 - 00000000 ____D () C:\zoek_backup
2014-04-24 22:01 - 2013-09-14 18:56 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-04-24 21:51 - 2014-04-24 22:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:50 - 2014-04-24 21:48 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:47 - 2014-04-24 21:52 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:43 - 2014-04-24 21:41 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 21:39 - 2014-04-24 21:39 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 207767.crdownload
2014-04-24 21:01 - 2014-04-24 20:53 - 00000000 ____D () C:\AdwCleaner
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:45 - 2014-04-24 20:45 - 00000000 ____D () C:\Windows\ERUNT
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:11 - 2014-04-24 20:08 - 00000000 ____D () C:\Program Files\trend micro
2014-04-24 20:09 - 2014-04-24 20:08 - 00000000 ____D () C:\rsit
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-04-24 19:08 - 2014-04-24 19:07 - 736798720 _____ () C:\Users\Rodina\Downloads\Hangover.Part.III.2013.avi
2014-04-23 15:03 - 2013-08-19 14:58 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job
2014-04-22 20:30 - 2013-04-13 21:47 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\TS3Client
2014-04-22 16:20 - 2011-02-25 17:58 - 00000000 ___RD () C:\Users\Rodina\Desktop\Sem nelez
2014-04-21 21:15 - 2014-04-21 21:15 - 00000163 _____ () C:\Users\Rodina\Downloads\code_7439_54249_0.txt
2014-04-20 15:39 - 2013-10-23 16:49 - 00000000 ___RD () C:\Users\Rodina\Desktop\Hudba
2014-04-20 14:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-19 19:02 - 2007-01-01 09:52 - 01585238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 14:37 - 2014-04-17 14:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\Program Files\Kozí šílenost
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goat Simulator 2014 v1.0.28141
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-04-16 21:57 - 2014-04-16 21:57 - 00000000 ____D () C:\Program Files\references
2014-04-16 21:57 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\Uninstall
2014-04-16 21:57 - 2014-01-28 17:06 - 00000000 ____D () C:\Users\Rodina\Documents\My Games
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\Program Files\redist
2014-04-16 21:55 - 2014-04-16 21:55 - 00000000 ____D () C:\2-click run
2014-04-16 20:07 - 2014-04-16 18:25 - 00000000 ____D () C:\Users\Rodina\Downloads\Goat Simulator 2014 v1.0.28141 (2-click run)
2014-04-16 16:24 - 2014-04-16 16:24 - 00003897 _____ () C:\Users\Rodina\Downloads\code_11595_79036_0.txt
2014-04-11 20:52 - 2013-09-16 21:53 - 00002370 _____ () C:\Users\Rodina\Desktop\Google Chrome.lnk
2014-04-07 22:07 - 2014-04-07 22:07 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Nico Mak Computing
2014-04-07 22:06 - 2014-04-07 22:06 - 00001144 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Users\Rodina\AppData\Local\VNT
2014-04-07 22:06 - 2014-04-07 22:06 - 00000000 ____D () C:\Program Files\VNT
2014-04-07 22:05 - 2014-04-07 22:04 - 17282640 _____ (DsNET Corp) C:\Users\Rodina\Downloads\aTubeCatcher (1).exe
2014-04-07 19:44 - 2014-04-07 19:17 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-07 19:44 - 2014-04-07 19:15 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-07 19:42 - 2014-04-07 19:28 - 00000000 ____D () C:\Users\Rodina\Documents\The Lord of the Rings Online
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Chromium
2014-04-07 19:31 - 2014-04-07 19:31 - 00000000 ____D () C:\Users\Rodina\AppData\Local\The Lord of the Rings Online
2014-04-07 19:29 - 2014-04-07 19:28 - 00000000 ____D () C:\Users\Rodina\AppData\Local\Turbine
2014-04-07 19:15 - 2014-04-07 19:15 - 00000000 ____D () C:\Users\Rodina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2014-04-07 19:13 - 2014-04-07 19:12 - 08711768 _____ () C:\Users\Rodina\Downloads\LOTROProgressive_4.28.exe
2014-04-03 12:11 - 2014-04-03 12:11 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork (1).wmv
2014-04-03 12:11 - 2014-04-03 12:10 - 06395887 _____ () C:\Users\Rodina\Downloads\Fresh_Pork.wmv
2014-03-27 22:08 - 2014-03-27 22:08 - 00000339 _____ () C:\Users\Rodina\Downloads\code_8523_60545_0.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Guest
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Users\Administrator
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
2014-03-27 15:41 - 2014-03-27 15:41 - 00323768 _____ (Puresafe) C:\Users\Rodina\Downloads\The Strangers 2008 UNRATED BRRip x264-EBX.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll
[2009-07-14 01:40] - [2009-07-14 03:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Available physical RAM: 1499.76 MB
Total physical RAM: 3070.49 MB
Percentage of memory in use: 51%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Rodina\Desktop" je 72421 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (8.21 KiB) Staženo 40 x
Re: Vysoká odezva
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.) HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd) HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Facebook Update] => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-19] (Facebook Inc.) HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [CatalinaGroup Update] => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-10-27] (Catalina Group Ltd.) HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Google Update] => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-13] (Google Inc.) HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\MountPoints2: {1ab1e6b7-505c-11e2-a571-001bfc59c8a0} - E:\Install.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ProxyServer: proxy.nasi.ova.czf:3128 SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} U3 al8mayvq; C:\Windows\system32\Drivers\al8mayvq.sys [0 ] (Microsoft Corporation) 014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe 2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload 2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload 2014-04-24 22:03 - 2014-04-24 21:51 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-04-24 21:52 - 2014-04-24 21:47 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log 2014-04-24 21:48 - 2014-04-24 21:50 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe 2014-04-24 21:46 - 2014-04-24 22:12 - 00015696 _____ () C:\zoek-results.log 2014-04-24 21:41 - 2014-04-24 21:43 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload 2014-04-24 21:40 - 2014-04-24 22:02 - 00000000 ____D () C:\zoek_backup 2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar 2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe 2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt 2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe 2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe 2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb 2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe Hosts: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vysoká odezva
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-04-2014
Ran by Rodina at 2014-04-28 17:05:01 Run:1
Running from C:\Users\Rodina\Desktop\Věci na opravu
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Facebook Update] => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-19] (Facebook Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [CatalinaGroup Update] => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-10-27] (Catalina Group Ltd.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Google Update] => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-13] (Google Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\MountPoints2: {1ab1e6b7-505c-11e2-a571-001bfc59c8a0} - E:\Install.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ProxyServer: proxy.nasi.ova.czf:3128
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
U3 al8mayvq; C:\Windows\system32\Drivers\al8mayvq.sys [0 ] (Microsoft Corporation)
014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-24 22:03 - 2014-04-24 21:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:52 - 2014-04-24 21:47 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:48 - 2014-04-24 21:50 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:46 - 2014-04-24 22:12 - 00015696 _____ () C:\zoek-results.log
2014-04-24 21:41 - 2014-04-24 21:43 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 22:02 - 00000000 ____D () C:\zoek_backup
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\VNT => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CatalinaGroup Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ab1e6b7-505c-11e2-a571-001bfc59c8a0} => Key deleted successfully.
HKCR\CLSID\{1ab1e6b7-505c-11e2-a571-001bfc59c8a0} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
al8mayvq => Service not found.
"C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload" => File/Directory not found.
"C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2014-04-24-194722.log => Moved successfully.
C:\Users\Rodina\Desktop\zoek.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Rodina\Downloads\zoek.rar => Moved successfully.
C:\Users\Rodina\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Rodina\Desktop\JRT.txt => Moved successfully.
C:\Users\Rodina\Desktop\JRT.exe => Moved successfully.
C:\Users\Rodina\Downloads\RSIT.exe => Moved successfully.
C:\ProgramData\Suafeuweb => Moved successfully.
C:\Program Files\Suafeuweb => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
Ran by Rodina at 2014-04-28 17:05:01 Run:1
Running from C:\Users\Rodina\Desktop\Věci na opravu
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [4StoryPrePatch] => C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Facebook Update] => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-19] (Facebook Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [CatalinaGroup Update] => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-10-27] (Catalina Group Ltd.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\Run: [Google Update] => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-13] (Google Inc.)
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\...\MountPoints2: {1ab1e6b7-505c-11e2-a571-001bfc59c8a0} - E:\Install.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ProxyServer: proxy.nasi.ova.czf:3128
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
U3 al8mayvq; C:\Windows\system32\Drivers\al8mayvq.sys [0 ] (Microsoft Corporation)
014-04-26 23:12 - 2014-04-26 23:12 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Desktop\FRSTLauncher.exe
2014-04-26 23:10 - 2014-04-26 23:10 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload
2014-04-26 23:09 - 2014-04-26 23:09 - 00112640 _____ (forum.viry.cz) C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload
2014-04-24 22:03 - 2014-04-24 21:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-24 21:52 - 2014-04-24 21:47 - 00000483 _____ () C:\zoek-results2014-04-24-194722.log
2014-04-24 21:48 - 2014-04-24 21:50 - 01285120 _____ () C:\Users\Rodina\Desktop\zoek.exe
2014-04-24 21:46 - 2014-04-24 22:12 - 00015696 _____ () C:\zoek-results.log
2014-04-24 21:41 - 2014-04-24 21:43 - 04095370 _____ () C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload
2014-04-24 21:40 - 2014-04-24 22:02 - 00000000 ____D () C:\zoek_backup
2014-04-24 21:40 - 2014-04-24 21:40 - 04235514 _____ () C:\Users\Rodina\Downloads\zoek.rar
2014-04-24 20:52 - 2014-04-24 20:52 - 01365865 _____ () C:\Users\Rodina\Desktop\adwcleaner.exe
2014-04-24 20:51 - 2014-04-24 20:51 - 00025137 _____ () C:\Users\Rodina\Desktop\JRT.txt
2014-04-24 20:44 - 2014-04-24 20:44 - 01016261 _____ (Thisisu) C:\Users\Rodina\Desktop\JRT.exe
2014-04-24 20:08 - 2014-04-24 20:08 - 00781383 _____ () C:\Users\Rodina\Downloads\RSIT.exe
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\ProgramData\Suafeuweb
2014-03-27 15:42 - 2014-03-27 15:42 - 00000000 ____D () C:\Program Files\Suafeuweb
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => C:\Users\Rodina\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\VNT => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CatalinaGroup Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\S-1-5-21-2665223569-581265439-3035855539-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ab1e6b7-505c-11e2-a571-001bfc59c8a0} => Key deleted successfully.
HKCR\CLSID\{1ab1e6b7-505c-11e2-a571-001bfc59c8a0} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
al8mayvq => Service not found.
"C:\Users\Rodina\Downloads\Nepotvrzeno 405120.crdownload" => File/Directory not found.
"C:\Users\Rodina\Downloads\Nepotvrzeno 750418.crdownload" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2014-04-24-194722.log => Moved successfully.
C:\Users\Rodina\Desktop\zoek.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\Rodina\Downloads\Nepotvrzeno 331166.crdownload => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Rodina\Downloads\zoek.rar => Moved successfully.
C:\Users\Rodina\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Rodina\Desktop\JRT.txt => Moved successfully.
C:\Users\Rodina\Desktop\JRT.exe => Moved successfully.
C:\Users\Rodina\Downloads\RSIT.exe => Moved successfully.
C:\ProgramData\Suafeuweb => Moved successfully.
C:\Program Files\Suafeuweb => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2665223569-581265439-3035855539-1001UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
Re: Vysoká odezva
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
Doporucuji provest defragmentaci disku
Napiste co PC
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?