100% využití procesoru

Zpráva

LuksaCZ · #1 Příspěvek od **LuksaCZ** » 19 kvě 2014 14:36

Dobrý den,
mám problém se 100% využitím procesoru. Ať počítač zapnu, restartuju mám tam ihned po "startu" 100% využití. Udělal jsem i úplnou kontrolu počítače(Microsoft Security Essentials). Našlo mi to Trojany ale i po odstranění i restartu jsem měl pořád 100%.
Za odpovědi předem děkuji.

#2 Příspěvek od **vyosek** » 19 kvě 2014 14:40

Zdravim

Ktery proces jej zatezuje??

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

LuksaCZ · #3 Příspěvek od **LuksaCZ** » 19 kvě 2014 15:23

Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2014-05-19 16:09:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 26 GB (26%) free of 100 GB
Total RAM: 4087 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:09:44, on 19.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
C:\Windows\vsnpstd3.exe
C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe
C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\PC\AppData\Roaming\SkypEmoticons\SE.exe
D:\Zoner Photo Studio 15 PRO\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files (x86)\SiteRanker\SiteRankTray.exe
C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe
D:\zálohy\cbInterface.exe
C:\Program Files (x86)\Genius\Maurus\mousehid.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\inf\msxsex\msxsex.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://btsearch.name
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=26 ... Z&unqvl=52
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\PROGRA~2\YOUTUB~1\YouTube Downloader.dll
O2 - BHO: CrossriderApp0035574 - {11111111-1111-1111-1111-110311551174} - C:\Program Files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll
O2 - BHO: MediaBuzzV1mode3485 - {12ecac86-1726-475f-a23c-7fd3add3e6de} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ie\MediaBuzzV1mode3485.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: save nete - {5B976A35-4DB5-5E82-59B3-7C302B87EE17} - C:\Program Files (x86)\save nete\78V.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RichMediaViewV1release2525 - {ca5a84b5-a411-4248-bf6d-0d9b9306257c} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ie\RichMediaViewV1release2525.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: MediaPlayerV1alpha796 - {f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha796\ie\MediaPlayerV1alpha796.dll (file missing)
O3 - Toolbar: YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\PROGRA~2\YOUTUB~1\YouTube Downloader.dll
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [YouTube Downloader_Helper] C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe
O4 - HKLM\..\Run: [Cobian Backup 11 interface] D:\zálohy\cbInterface.exe -service
O4 - HKLM\..\Run: [Maurus] C:\Program Files (x86)\Genius\Maurus\mousehid.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [Babakan] cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit)
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [DApp] C:\Program Files\PCDApp\start.vbs
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Microsoft? Windows? Operating System] C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\PC\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [se] "C:\Users\PC\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] D:\ZONER PHOTO STUDIO 15 PRO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - Startup: Dropbox.lnk = PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: GmoteServer.lnk = C:\Program Files (x86)\GmoteServer\GmoteServer.exe
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 4.22.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4504A1FD-E8B8-4BBD-AF58-1A26672804D9}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\PROGRA~2\REBATE~1\RebateI.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\sw-boo~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
O23 - Service: AllShare Play Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Unknown owner - C:\Program Files (x86)\MyPC Backup\BackupStack.exe (file missing)
O23 - Service: BingBar Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - D:\zálohy\cbVSCService11.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - D:\zálohy\cbService.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\PC\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Mp3Tube Toolbar Updater Service (Mp3Tube Toolbar Service) - Mp3Tube - C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCDApp\StartHelp.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Tether - Unknown owner - D:\Tether\TBService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Unknown owner - C:\Users\PC\Desktop\pepa\wamp\bin\apache\apache2.2.17\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Users\PC\Desktop\pepa\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - cake bake - C:\Program Files (x86)\WADesktop.Updater.exe
O23 - Service: Webcamera Plus Service - Ateksoft Company Ltd. - C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 21410 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Desk 365\deskSvc.exe"
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe "-50965056013603238071623280097-1276640013-18157287781193978135-29368561166986594
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
D:\zálohy\cbVSCService11.exe
D:\zálohy\cbService.exe
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
"C:\Users\PC\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
\??\C:\Windows\system32\conhost.exe "-1647044323-2129221447961484331961015244-2087556305-20377447551267740447-1074525223
"C:\Program Files\PCDApp\dgen.exe" x14 6001
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
D:\Tether\TBService.exe
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\WADesktop.Updater.exe"
"C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2184
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {F0761857-4761-4C79-B510-4A51805003C4}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe" c4b45d7de8f5e158e83eefb1f9bbad70
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
c:\programdata\itsmyapp\sw-booster\SW-Booster.exe /schedule /profile "c:\programdata\itsmyapp\sw-booster\702149676.ini"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\vsnpstd3.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\PC\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
"D:\Zoner Photo Studio 15 PRO\Photo Studio 15\Program32\ZPSTray.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "149684001310348809801077969721193440198213770544311667430913-18322331041917899949
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
"C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\zálohy\cbInterface.exe" -service
"C:\Program Files (x86)\Genius\Maurus\mousehid.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\inf\msxsex\msxsex.exe -o stratum+tcp://mint.bitminter.com:3333 -u vickyya_girlbtc -p minethat
\??\C:\Windows\system32\conhost.exe "67287728-9717259191370606645-574394207122894170810372008951886968970356594550
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://uloz.to/xaBbQx7K/snapcapture-v1-32-b-11-apk"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7104.0.616553822\305888930" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.911.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R5_Stable_Control/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="7104.1.1009437342\771515585" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R5_Stable_Control/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="7104.3.1226077999\2037658505" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7104.6.175943562\704511294" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_EnableZeroSuggest_R5_Stable_Control/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="7104.15.1765977707\1412789581" /prefetch:673131151
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\BreakingBad\Breaking Bad\Breaking Bad season 2\Breaking.Bad.S02E04 Down.480p.BRRip.x264-BoB.mkv"
taskhost.exe $(Arg0)
"D:\Lukša downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
C:\Windows\tasks\FTdownloader V4.0-codedownloader.job
C:\Windows\tasks\FTdownloader V4.0-enabler.job
C:\Windows\tasks\FTdownloader V4.0-updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
C:\Windows\tasks\SW-Booster-S-702149676.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~2\SITERA~1\SiteR64.dll [2014-04-03 6463376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension64.dll [2013-06-30 215896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}]
save nete - C:\Program Files (x86)\save nete\78V.x64.dll [2014-05-11 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
Loader Class - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\BROWSE~1.DLL [2011-08-09 118168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
YouTube Downloader - C:\PROGRA~2\YOUTUB~1\YouTube Downloader.dll [2012-11-06 446464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551174}]
FTdownloader V4.0 - C:\Program Files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll [2013-07-05 748032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12ecac86-1726-475f-a23c-7fd3add3e6de}]
Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ie\MediaBuzzV1mode3485.dll [2014-04-24 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2013-06-30 170840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}]
save nete - C:\Program Files (x86)\save nete\78V.dll [2014-05-11 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2014-05-13 468600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ca5a84b5-a411-4248-bf6d-0d9b9306257c}]
Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ie\RichMediaViewV1release2525.dll [2014-05-13 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145}]
Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha796\ie\MediaPlayerV1alpha796.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{031afb00-725a-4ede-9d27-a2b5fac89e9a} - YouTube Downloader - C:\PROGRA~2\YOUTUB~1\YouTube Downloader.dll [2012-11-06 446464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"AllShare Play"=C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-01-24 407384]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft? Windows? Operating System"=C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe [2011-12-12 9728]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
"cz.seznam.software.autoupdate"=C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Desk 365"=C:\Program Files (x86)\Desk 365\desk365.exe /autorun []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"BitTorrent"=C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-05-12 1242704]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20922016]
"se"=C:\Users\PC\AppData\Roaming\SkypEmoticons\SE.exe [2014-05-11 5679008]
"Zoner Photo Studio Autoupdate"=D:\ZONER PHOTO STUDIO 15 PRO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-05-08 841032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []
"DATAMNGR"=C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-11-10 1694608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-10-11 309688]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-05-29 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728]
"QuickTime Task"=D:\quick time\QTTask.exe [2012-10-25 421888]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"Adobe Acrobat Speed Launcher"=D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrobat_sl.exe []
"Acrobat Assistant 8.0"=D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrotray.exe []
"SiteRanker"=C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [2014-04-11 1076696]
"YouTube Downloader_Helper"=C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe [2012-11-06 1434112]
"Cobian Backup 11 interface"=D:\zálohy\cbInterface.exe [2012-12-06 4407808]
"Maurus"=C:\Program Files (x86)\Genius\Maurus\mousehid.exe [2011-11-14 300544]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-11-01 104088]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2007-06-15 368640]
"Babakan"=cmd.exe /k if %date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit) []
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"DApp"=C:\Program Files\PCDApp\start.vbs [2014-04-10 178]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
GmoteServer.lnk - C:\Program Files (x86)\GmoteServer\GmoteServer.exe
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-19 16:09:23 ----D---- C:\Program Files\trend micro
2014-05-19 16:09:22 ----D---- C:\rsit
2014-05-17 13:39:24 ----A---- C:\Users\PC\AppData\Roaming\alsoft.ini
2014-05-17 13:39:23 ----D---- C:\Users\PC\AppData\Roaming\FEZ
2014-05-17 12:29:26 ----D---- C:\Users\PC\AppData\Roaming\SpaceEngineers
2014-05-16 18:56:55 ----D---- C:\ProgramData\SystemRequirementsLab
2014-05-16 18:44:37 ----D---- C:\Users\PC\AppData\Roaming\Riot Games
2014-05-14 15:45:25 ----D---- C:\Users\PC\AppData\Roaming\DropboxMaster
2014-05-14 15:43:13 ----D---- C:\Program Files (x86)\RichMediaViewV1
2014-05-14 14:57:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-05-14 14:01:16 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 12:54:28 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 12:54:28 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 12:54:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 12:54:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 12:10:47 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 12:10:46 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 12:07:03 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 12:07:02 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 12:07:02 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 12:07:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 12:07:02 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 12:07:01 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 12:07:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 12:07:01 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 12:07:01 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 12:07:01 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 12:07:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:07:01 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 12:07:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 12:07:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 12:07:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 12:07:00 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 12:07:00 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 12:07:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 12:06:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 12:06:59 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 12:06:59 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 12:06:59 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 12:06:59 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 12:06:59 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 12:06:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 12:06:58 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:06:58 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 12:06:57 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 12:06:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 12:06:57 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 12:06:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 12:06:57 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 12:06:57 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 12:06:57 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 12:06:57 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 12:06:57 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 12:06:12 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 12:06:11 ----A---- C:\Windows\system32\aeinv.dll
2014-05-11 17:35:30 ----D---- C:\Program Files\PCDApp
2014-05-11 17:35:18 ----D---- C:\ProgramData\IconCache
2014-05-11 16:57:10 ----D---- C:\Users\PC\AppData\Roaming\SkypEmoticons
2014-05-11 16:57:02 ----D---- C:\Windows\SYSWOW64\X86
2014-05-11 16:57:02 ----D---- C:\Windows\SYSWOW64\AMD64
2014-05-11 16:56:48 ----D---- C:\ProgramData\ItsMyApp
2014-05-11 16:56:41 ----D---- C:\Program Files (x86)\SW-Booster
2014-05-11 16:56:03 ----D---- C:\ProgramData\save nete
2014-05-11 16:56:03 ----D---- C:\ProgramData\26e159859d863b13
2014-05-11 16:56:00 ----D---- C:\Program Files (x86)\save nete
2014-05-09 16:48:02 ----D---- C:\Program Files (x86)\Dark Team
2014-05-08 21:03:09 ----D---- C:\Program Files (x86)\Vinyl Artist
2014-05-07 19:45:49 ----D---- C:\Users\PC\AppData\Roaming\Need for Speed World
2014-05-06 22:20:21 ----SD---- C:\Windows\system32\CompatTel
2014-04-29 16:19:26 ----D---- C:\Users\PC\AppData\Roaming\Oracle
2014-04-29 16:17:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-04-29 16:17:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-29 16:17:38 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-04-29 16:17:38 ----A---- C:\Windows\SYSWOW64\java.exe
2014-04-25 20:38:48 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2014-04-25 13:47:49 ----D---- C:\Program Files (x86)\MediaBuzzV1

======List of files/folders modified in the last 1 months======

2014-05-19 16:09:36 ----D---- C:\Windows\Temp
2014-05-19 16:09:23 ----RD---- C:\Program Files
2014-05-19 16:05:56 ----D---- C:\Users\PC\AppData\Roaming\BitTorrent
2014-05-19 16:00:46 ----D---- C:\Users\PC\AppData\Roaming\Skype
2014-05-19 15:50:10 ----D---- C:\Windows\system32\config
2014-05-19 14:38:06 ----D---- C:\Users\PC\AppData\Roaming\Sony
2014-05-19 14:38:06 ----D---- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-05-19 14:37:59 ----D---- C:\Users\PC\AppData\Roaming\Ventrilo
2014-05-19 14:37:59 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2014-05-19 14:37:59 ----D---- C:\Program Files (x86)\PDFCreator
2014-05-19 14:36:31 ----SHD---- C:\Windows\Installer
2014-05-19 14:36:19 ----D---- C:\Windows\SysWOW64
2014-05-19 14:36:03 ----D---- C:\Windows\Panther
2014-05-19 14:36:03 ----D---- C:\Windows\inf
2014-05-19 14:35:45 ----D---- C:\Windows\Logs
2014-05-19 14:35:44 ----D---- C:\Windows\debug
2014-05-19 14:35:43 ----D---- C:\Windows\Minidump
2014-05-19 14:35:43 ----D---- C:\Windows
2014-05-19 14:31:35 ----D---- C:\Program Files\CCleaner
2014-05-19 14:28:33 ----D---- C:\Users\PC\AppData\Roaming\Seznam.cz
2014-05-19 14:25:30 ----D---- C:\Users\PC\AppData\Roaming\Dropbox
2014-05-19 14:24:08 ----D---- C:\Users\PC\AppData\Roaming\newnext.me
2014-05-19 14:19:34 ----D---- C:\Program Files (x86)\WinZipper
2014-05-19 14:19:33 ----D---- C:\Program Files (x86)\Desk 365
2014-05-19 14:17:11 ----D---- C:\ProgramData\VMware
2014-05-19 14:10:43 ----HD---- C:\ProgramData
2014-05-19 07:18:30 ----D---- C:\Program Files (x86)\SiteRanker
2014-05-18 20:48:19 ----RD---- C:\Program Files (x86)
2014-05-18 13:11:49 ----SHD---- C:\System Volume Information
2014-05-17 13:39:21 ----D---- C:\Windows\System32
2014-05-16 19:52:51 ----D---- C:\ProgramData\PMB Files
2014-05-16 18:56:56 ----SHD---- C:\Config.Msi
2014-05-16 18:56:55 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-05-16 18:46:27 ----D---- C:\Windows\Tasks
2014-05-16 18:46:14 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-05-16 18:23:28 ----RSD---- C:\Windows\assembly
2014-05-16 15:51:51 ----D---- C:\Windows\Prefetch
2014-05-15 21:28:52 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2014-05-15 21:28:52 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2014-05-15 21:28:52 ----A---- C:\Windows\system32\wrap_oal.dll
2014-05-15 21:28:52 ----A---- C:\Windows\system32\OpenAL32.dll
2014-05-15 11:50:59 ----D---- C:\Windows\rescache
2014-05-14 19:52:27 ----D---- C:\Windows\Microsoft.NET
2014-05-14 16:03:06 ----D---- C:\Windows\system32\Tasks
2014-05-14 14:57:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-14 14:00:48 ----D---- C:\Windows\winsxs
2014-05-14 13:58:23 ----D---- C:\Windows\system32\cs-CZ
2014-05-14 13:58:20 ----D---- C:\Windows\system32\drivers
2014-05-14 12:54:32 ----D---- C:\Windows\system32\catroot
2014-05-14 12:53:57 ----D---- C:\Windows\system32\MRT
2014-05-14 12:47:23 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 12:10:37 ----D---- C:\Windows\system32\catroot2
2014-05-11 16:57:28 ----D---- C:\ProgramData\InstallMate
2014-05-11 16:55:49 ----RD---- C:\Users
2014-04-30 20:07:27 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2014-04-29 16:19:06 ----D---- C:\ProgramData\Oracle
2014-04-29 16:17:38 ----D---- C:\Program Files (x86)\Java
2014-04-29 14:45:13 ----D---- C:\AllShare Play
2014-04-28 18:17:40 ----D---- C:\Users\PC\AppData\Roaming\.minecraft
2014-04-25 20:38:16 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-04-25 20:37:53 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-04-24 20:48:40 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-04-21 12:55:26 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-25 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2012-10-18 30592]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-04-30 43168]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-11-01 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2012-11-01 30360]
R2 VMparport;VMware VMparport; \??\C:\Windows\system32\drivers\VMparport.sys [2012-11-01 31384]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2012-11-01 67224]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi10-shared.sys [2011-07-12 33392]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-05-02 10503168]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TSVAD_PCM;Wirecast Virtual Microphone Driver; C:\Windows\system32\drivers\tsvadpcm.sys [2012-08-22 33552]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-11-01 20120]
S1 dhecwuae;dhecwuae; \??\C:\Windows\system32\drivers\dhecwuae.sys []
S1 fifymkoi;fifymkoi; \??\C:\Windows\system32\drivers\fifymkoi.sys []
S1 ISODisk;ISODisk; C:\Windows\system32\drivers\ISODisk.sys []
S1 nrpzggvd;nrpzggvd; \??\C:\Windows\system32\drivers\nrpzggvd.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-04-30 311968]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-01 75048]
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-08-19 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-08-19 27760]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 qrkis;Tether Miniport; C:\Windows\system32\DRIVERS\qrkis.sys [2010-11-17 50856]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 408184]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-26 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; D:\zálohy\cbVSCService11.exe [2012-12-05 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; D:\zálohy\cbService.exe [2012-12-06 1131008]
R2 d0e87c27;SW-Sustainer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\PC\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-10-18 107520]
R2 desksvc;Desk 365 service; C:\Program Files (x86)\Desk 365\deskSvc.exe [2013-07-05 424016]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 2228048]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 Mp3Tube Toolbar Service;Mp3Tube Toolbar Updater Service; C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe [2011-04-29 227840]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-25 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-04-25 189248]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 Tether;Tether; D:\Tether\TBService.exe [2011-09-29 52664]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-11-01 79872]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-11-01 357016]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-11-01 435864]
R2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\WADesktop.Updater.exe [2013-08-03 51992]
R2 Webcamera Plus Service;Webcamera Plus Service; C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe [2009-07-26 46592]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 AllShare Play Service;AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2013-01-24 662600]
S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe []
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-04 136176]
S2 ProtectMonitor;Protect Monitor; C:\Program Files\PCDApp\StartHelp.exe [2014-05-09 97232]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-01 477960]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2013-02-17 137336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-18 564416]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
S3 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-11-01 13234176]
S3 wampapache;wampapache; C:\Users\PC\Desktop\pepa\wamp\bin\apache\apache2.2.17\bin\httpd.exe -k runservice []
S3 wampmysqld;wampmysqld; C:\Users\PC\Desktop\pepa\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe wampmysqld []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 19 kvě 2014 15:29

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

LuksaCZ · #5 Příspěvek od **LuksaCZ** » 19 kvě 2014 16:25

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.19.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
PC :: IRONMAN-PC [administrator]

19.5.2014 16:41:31
mbar-log-2014-05-19 (16-41-31).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 372246
Time elapsed: 35 minute(s), 10 second(s)

Memory Processes Detected: 4
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe (Adware.Mp3Tube) -> 2444 -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe (Adware.Mp3Tube) -> 1740 -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe (Trojan.FakeMS.ED) -> 4444 -> Delete on reboot.
C:\Windows\inf\msxsex\msxsex.exe (BitcoinMiner) -> 7052 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Mp3Tube Toolbar Service (Adware.Mp3Tube) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\APPID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4E674574-3F0B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C} (Adware.ShoppingReport2) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C} (Adware.ShoppingReport2) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Delete on reboot.
HKCU\SOFTWARE\ClickPotatoLiteSA (Adware.ClickPotato) -> Delete on reboot.
HKCU\SOFTWARE\DC3_FEXEC (Malware.Trace) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\APPID\MenuButtonIE.DLL (Adware.ClickPotato) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\Mp3Tube (Adware.Mp3Tube) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IspAssistant-Mp3Tube (Adware.Adware.MP3TubeToolBar) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Mp3Tube Toolbar (Adware.Mp3Tube) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HOMEPAGE PROTECTION SERVICE (Adware.Mp3Tube) -> Delete on reboot.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft? Windows? Operating System (Trojan.FakeMS.ED) -> Data: C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe -> Delete on reboot.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|NtVdmSrv (Malware.Trace) -> Data: C:\Windows\inf\ntvdm.vbe -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HOMEPAGE PROTECTION SERVICE|UninstallString (Adware.Mp3Tube) -> Data: C:\Program Files (x86)\Mp3Tube Toolbar\uninstall.exe hpp /S -> Delete on reboot.

Registry Data Items Detected: 4
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067) Good: (http://www.google.com) -> Replace on reboot.
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067) Good: (http://www.google.com) -> Replace on reboot.
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067) Good: (http://www.google.com) -> Replace on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_m ... 1373061067) Good: (http://www.google.com) -> Replace on reboot.

Folders Detected: 15
C:\Users\PC\AppData\Roaming\48666775 (Rogue.Multiple) -> Delete on reboot.
C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Delete on reboot.
C:\Windows\svchost (Backdoor.Bot) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C} (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences (Adware.Zwangi) -> Delete on reboot.

Files Detected: 103
C:\Program Files (x86)\SW-Booster\Assistant.dll (Trojan.SProtector) -> Delete on reboot.
C:\Program Files (x86)\SW-Booster\AssistantSvc.dll (Trojan.SProtector) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe (Adware.Mp3Tube) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Protect\Credentials\crss.exe (Trojan.FakeMS.ED) -> Delete on reboot.
C:\Windows\inf\msxsex\msxsex.exe (BitcoinMiner) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.dll (Adware.Mp3Tube) -> Delete on reboot.
C:\ProgramData\InstallMate\{0B03F55D-F4CE-4CF2-AE19-BCECD0E0D7AB}\Custom.dll (Adware.Agent) -> Delete on reboot.
C:\Users\PC\Desktop\NFSW_PursuitBot.exe (Trojan.MalPack.G) -> Delete on reboot.
C:\Users\Lukša\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\InstallDir\Server.exe (Backdoor.Agent) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\PC-wchelper.dll (Trojan.Agent.Gen) -> Delete on reboot.
C:\Windows\inf\ntvdm.vbe (Malware.Trace) -> Delete on reboot.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\48666775\12-03-2014 (Rogue.Multiple) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\48666775\13-03-2014 (Rogue.Multiple) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\48666775\ak.tmp (Rogue.Multiple) -> Delete on reboot.
C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\ffmpeg.exe (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\ShowMsg.exe (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mp3Tube Toolbar\uninstall.exe (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome.manifest (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\install.rdf (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\constants.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideo.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideodlg.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideodlg.xul (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\events.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\savetomp3popup.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\savetomp3popup.xul (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\tbcore.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\toolbar.xul (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weather.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weatherLoc.js (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weatherLoc.xul (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow-grey.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow_partner.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow_small.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\bg.jpg (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\feeditem.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\logo.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\news_refresh.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\popupSearchMp3.css (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\popupWindow.css (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\SaveMp3_bg_hover.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\SaveMp3_bg_normal.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\savetomp3PopUp.css (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\Thumbs.db (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\toolbar.css (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3_disabled.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\arrow.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\arrow_big.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\btn_close.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\dailyhotdeals.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\divider.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\facebook.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\games.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\icon-RSS.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\news.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\plainbutton.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3popup-musicicon.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3popup.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\saveyoutubevideos.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\screensaver.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\search.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\searchbar-grey-250.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\searchbox.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\separator_line.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\shopping.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\Thumbs.db (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\watermark.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\youtube.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_rain.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_snow.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_storm.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_tstorm.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\cloudy.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\flurries.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\hazy.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mist.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mostly_cloudy.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mostly_sunny.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\rain.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\sleet.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\snow.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\storm.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\sunny.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\Thumbs.db (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\thunderstorm.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\weatherbug.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\windy.png (Adware.Mp3Tube) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar (Adware.Zwangi) -> Delete on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js (Adware.Zwangi) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#6 Příspěvek od **vyosek** » 19 kvě 2014 16:27

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

LuksaCZ · #7 Příspěvek od **LuksaCZ** » 19 kvě 2014 18:48

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by PC on po 19.05.2014 at 17:30:09,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\datamngr
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\desk 365
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nextlive
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\siteranker
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetpacks communicator
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\shoppingreport2
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appgraffiti.appgraffitijs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4client
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4script
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ftdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\i
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\rebinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebatei.rebate informer bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebatei.rebateinformimagegen
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebateinf.rebateinfobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{105CE2F6-6C71-4553-95DB-0521A2C0F060}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC48E96-EB40-4792-9D9D-70D59D8754BA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5935E203-F846-461D-89DF-435059EFCBB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6419A700-23B8-46EA-800B-C0EA78E133A2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BC852D3-9D70-4611-9AFC-016840417A4C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ftdownloader_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ftdownloader_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\desk 365
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchqu 406 mediabar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\windows searchqu toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{11bf46c6-b3de-48bd-bf70-3ad85cab80b5}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ae46c09-2ab8-4ee5-88fb-08cd0ff7f2df}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef645bd-65b0-4f98-ad56-d0437b7045f6}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6f6a5334-78e9-4d9b-8182-8b41ea8c39ef}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683b745-6060-41fd-aa75-0bbb383fead4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{774c0434-9948-4dee-a14e-69cdd316e36c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8d15e1b2-d2b7-4a17-b44b-d2dde5981406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{fb697452-8ca4-46b4-98b1-165c922a2ef3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322552274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322552274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{022ba302-4dfa-4e23-b703-5a17ac5e3c48}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{76C007B9-852F-48F3-B8BF-2D9F5135D613}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8d492f70-ea37-453e-a0e4-9d709483a4cd}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C4EB7915-10C2-4DBF-83FE-89DF9E5869B7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-codedownloader.job"
Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-enabler.job"
Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-updater.job"
Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Users\PC\appdata\local\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Users\PC\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Mozilla Firefox.lnk
Successfully repaired: [Shortcut] C:\Users\PC\desktop\Google Chrome.lnk
Successfully repaired: [Shortcut] C:\Users\PC\desktop\Opera.lnk

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\saveas"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\pcpowerspeed"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\appgraffiti"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\rebateinformer"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\saveas"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\shoppingreport2"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\siteranker"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\appgraffiti"
Successfully deleted: [Folder] "C:\Program Files (x86)\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\desk 365"
Failed to delete: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\ftdownloader v4.0"
Successfully deleted: [Folder] "C:\Program Files (x86)\ftdownloader.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ilivid"
Successfully deleted: [Folder] "C:\Program Files (x86)\inbox.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\incredibar.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\perion"
Successfully deleted: [Folder] "C:\Program Files (x86)\rebateinformer"
Successfully deleted: [Folder] "C:\Program Files (x86)\siteranker"
Failed to delete: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files (x86)\webexpenhancedv1"
Successfully deleted: [Folder] "C:\Program Files (x86)\wi3c8a~1"
Failed to delete: [Folder] "C:\Program Files (x86)\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\your product"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appgraffiti"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ilivid"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rebateinformer"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveas"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\mobogenie"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0271A174-A29A-4783-B6A1-585D7E8C2B02}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{04A9BA64-A219-488D-9C0B-92EA5D4A17DF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0607F2AE-AA97-45EB-ACE6-70DB91A2C392}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{07ED5B44-B40B-43B7-8E7C-2E8DC85F5AC5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{081110D4-EBBF-44F6-88B3-B087765D1CF5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{094FDA09-FA4D-46CB-B630-FE0DF4DDC6A8}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0A096AD7-5E72-4F11-9515-1C4F4B8F2D19}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{11257695-494C-442D-94BC-F709124C5534}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{142769B8-40CC-4145-AE90-8001E9FE4BAF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{16D6EE56-5CB5-4642-8B7E-5BDC1DBF6045}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{21EF3A58-0406-46B5-8811-43EFF4355A20}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2693AA26-5681-46CB-9B29-8A96CADB5AD7}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2E73F86F-B57A-4229-BA73-0DE38E811E58}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2EF21603-6AAE-41A7-87ED-472B31B0AD9F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{30E131BC-E069-4E9B-AB62-D11A4658C79F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3B816C22-F77B-419A-91C8-586920719922}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3B9D6117-1A00-42BF-A3CD-7D55E962443B}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3C98AD4D-A29A-40DA-B59E-56D52661BBE0}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3CA995DE-4BD5-498B-BC75-3DEA60E0E8C2}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{447AB7A1-4DCD-4055-81B6-5AD53A8900AC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4C5FF201-2991-4641-84AD-5A96E26AA08E}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4D956251-CA1A-4A2A-95CD-72CEB8F9F1BF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4FCB3F93-2DCD-424C-A08B-9CBB28177F65}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{51AD421D-ABE9-4030-A9B8-E721B25F9AAC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{51E58C99-8406-4403-A0A7-1CD27491E565}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{5C744083-F0FB-4FA8-A041-8CBDA0C1D092}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{6799457E-64A5-42C4-B893-53FD0EFFBB5B}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{67CA0611-9F9F-4060-B216-8E02EA82DBFD}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{69CF3617-4434-4A34-A0AE-CEF10401AD18}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{715E7474-DD78-46B2-B687-37053F4BDE02}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{7BB97271-12F0-40AF-BEE7-E3B54EC6D926}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8ACBCEAD-152A-44D1-A362-62D4FD7A3AC0}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8BE5C4F4-65B9-4E5E-B546-55ED88624AC2}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8FCA0672-E2FB-493D-8F27-874C14BDA9C6}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{94329DF9-059D-425B-82F2-70F02B27DBAD}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{99745A33-0C7F-4A54-975B-47F4BB88D4AA}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{A6C5EB88-41F4-43C4-8E1C-885B2EC977CC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{AAE4A088-9D46-4136-AB80-2F5C3582551C}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{AF294ACA-0192-4D7D-A356-0F5AD810E201}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{BAEBD3CB-A90F-4A37-8A86-E2A261C9D967}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C04E08BC-DB86-42C3-B1C3-B0437115CEB4}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C51B3340-4966-4CDE-B9D4-013359DEF9F4}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C6FF68D7-6130-4612-91A9-4469E0C04EB6}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{CEB479B7-11C7-4FE3-890C-D1B0097A12B5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{CEC6BB97-009B-468B-B74E-0346197F0B8C}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{D42DE5C2-D72D-4E99-953E-7CD08F66DE44}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{DB232CCA-8A4E-4DC5-AF07-6A75CE07F6B3}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{DC536CFD-B2F6-4BB6-8D1E-6CCF85927B09}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{E207AEED-4B6C-4DCB-B297-78F1388EFF3F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{F1DE56B6-85C7-4415-8DED-412D69F8A178}

~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\user.js
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\gophoto@gophoto.it.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\mystart search.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\searchresults.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\sweetim.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\websearch.xml
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchqutoolbar
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\appgraffiti@appgraffiti.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\ffxtlbr@incredibar.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\plugin@getwebcake.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\clickpotatolite@clickpotatolite.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{8e9e3331-d360-4f87-8803-52de43566502}
Successfully deleted the following from C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\prefs.js

user_pref("browser.search.defaultengine", "Yahoo-Mp3Tube");
user_pref("browser.search.defaultenginename", "WebSearch");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.startup.homepage", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52");
user_pref("extensions.defaulttab.installdate", 1398509704);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);
user_pref("extensions.incredibar.RadioMyStations", "[{\"id\":\"1069\",\"name\":\"ORS Rom�ntica en espa�ol\",\"url\":\"hxxp://www.orsradio.com/oldies56k.asx\",\"streamType\
user_pref("extensions.incredibar.actvtyRptTime", "1370348303385");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.afd-1a2d3abe806f9951da73a33d41fcfc9c", "%7B%22items%22%3A%5B%7B%22id%22%3A%22lW5mbq%252BdbmRvp25oblZmaWZlVm%252BdbmVvp25oblZobWtoVm%252Bx%22%2
user_pref("extensions.incredibar.afd-1a2d3abe806f9951da73a33d41fcfc9c_wid", "2521; expires=Tue, 04 Jun 2013 18:18:25 GMT");
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "CZ");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10643");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "D3A51FC743442CB70C62D896DA365677");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar.id", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15597");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15597");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", false);
user_pref("extensions.incredibar.isdcmntcmplt", true);
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "1");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6PQJDLqIU2");
user_pref("extensions.incredibar.upn2n", "92543581062572482");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.wnd", "{\"cloudcover\":\"100\",\"humidity\":\"88\",\"observation_time\":\"11:06 AM\",\"precipMM\":\"0.3\",\"pressure\":\"1014\",\"temp_C\":\"1
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10643");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15597");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "1");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6PQJDLqIU2");
user_pref("extensions.incredibar_i.upn2n", "92543581062572482");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("keyword.URL", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52&l=1&q=");
user_pref("mp3tubetoolbar.configXml", "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<toolbarlayout version=\"2.8.0.0\" \r\n configurl=\"hxxp://cdn.mp3tubetoolbar.com/cu
user_pref("mp3tubetoolbar.configXml_lastcheck", "23308493");
user_pref("mp3tubetoolbar.startupPop", "no");
user_pref("somoto.Var1", "0");
user_pref("somoto.Var10", "0");
user_pref("somoto.Var2", "0");
user_pref("somoto.Var3", "0");
user_pref("somoto.Var4", "0");
user_pref("somoto.Var5", "0");
user_pref("somoto.Var6", "0");
user_pref("somoto.Var7", "0");
user_pref("somoto.Var8", "0");
user_pref("somoto.Var9", "0");
user_pref("somoto.cache.aff_toolbar_settings_xml", "15/13/26/3/114");
user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/hyper ... 5B28AD}?q=");
user_pref("somoto.firstlaunch", "0");
user_pref("somoto.guid", "%7BD61C4996-6C0A-4B10-B4B8-B05CBC5B28AD%7D");
user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/hypercam/{D61C4996-6 ... 5CBC5B28AD}");
user_pref("somoto.old_dnscatch", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
user_pref("somoto.old_homepage", "hxxp://start.icq.com/");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1398509672357");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.cda.returnValue", "hide");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "true");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb188?a=6PQJDLqIU2&i=26");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.1.callback", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/predictadme.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "0");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{B83C8BFB-0278-11E2-A545-005056C00008}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={B83C8BFB-0278-11E2-A545-005056C00008}");
user_pref("sweetim.toolbar.version", "1.9.0.0");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://www1.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=4866002637BD3942/|||86413709
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www1.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=4866002637BD3942/|#|old_
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.
user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\angobeimajilfhlcpeiccndaifchnppl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 17:36:54,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LuksaCZ · #8 Příspěvek od **LuksaCZ** » 19 kvě 2014 18:48

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by PC on po 19.05.2014 at 17:30:09,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\datamngr
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\desk 365
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nextlive
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\siteranker
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetpacks communicator
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\shoppingreport2
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appgraffiti.appgraffitijs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4client
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4script
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ftdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\i
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\rebinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebatei.rebate informer bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebatei.rebateinformimagegen
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\rebateinf.rebateinfobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{105CE2F6-6C71-4553-95DB-0521A2C0F060}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC48E96-EB40-4792-9D9D-70D59D8754BA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5935E203-F846-461D-89DF-435059EFCBB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6419A700-23B8-46EA-800B-C0EA78E133A2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BC852D3-9D70-4611-9AFC-016840417A4C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ftdownloader_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ftdownloader_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\desk 365
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchqu 406 mediabar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\windows searchqu toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{11bf46c6-b3de-48bd-bf70-3ad85cab80b5}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ae46c09-2ab8-4ee5-88fb-08cd0ff7f2df}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef645bd-65b0-4f98-ad56-d0437b7045f6}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6f6a5334-78e9-4d9b-8182-8b41ea8c39ef}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683b745-6060-41fd-aa75-0bbb383fead4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{774c0434-9948-4dee-a14e-69cdd316e36c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8d15e1b2-d2b7-4a17-b44b-d2dde5981406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{fb697452-8ca4-46b4-98b1-165c922a2ef3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ftdownloader v4.0
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035574.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322552274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322552274}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035574.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355555574}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366556674}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344554474}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_rar-password-cracker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_smartcomgps_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{022ba302-4dfa-4e23-b703-5a17ac5e3c48}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{76C007B9-852F-48F3-B8BF-2D9F5135D613}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8d492f70-ea37-453e-a0e4-9d709483a4cd}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C4EB7915-10C2-4DBF-83FE-89DF9E5869B7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5B976A35-4DB5-5E82-59B3-7C302B87EE17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-codedownloader.job"
Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-enabler.job"
Successfully deleted: [File] "C:\Windows\Tasks\ftdownloader v4.0-updater.job"
Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Users\PC\appdata\local\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Users\PC\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Mozilla Firefox.lnk
Successfully repaired: [Shortcut] C:\Users\PC\desktop\Google Chrome.lnk
Successfully repaired: [Shortcut] C:\Users\PC\desktop\Opera.lnk

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\saveas"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\pcpowerspeed"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\appgraffiti"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\rebateinformer"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\saveas"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\shoppingreport2"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\siteranker"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\appgraffiti"
Successfully deleted: [Folder] "C:\Program Files (x86)\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\desk 365"
Failed to delete: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\ftdownloader v4.0"
Successfully deleted: [Folder] "C:\Program Files (x86)\ftdownloader.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ilivid"
Successfully deleted: [Folder] "C:\Program Files (x86)\inbox.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\incredibar.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\perion"
Successfully deleted: [Folder] "C:\Program Files (x86)\rebateinformer"
Successfully deleted: [Folder] "C:\Program Files (x86)\siteranker"
Failed to delete: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files (x86)\webexpenhancedv1"
Successfully deleted: [Folder] "C:\Program Files (x86)\wi3c8a~1"
Failed to delete: [Folder] "C:\Program Files (x86)\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\your product"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appgraffiti"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ilivid"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rebateinformer"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveas"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\mobogenie"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0271A174-A29A-4783-B6A1-585D7E8C2B02}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{04A9BA64-A219-488D-9C0B-92EA5D4A17DF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0607F2AE-AA97-45EB-ACE6-70DB91A2C392}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{07ED5B44-B40B-43B7-8E7C-2E8DC85F5AC5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{081110D4-EBBF-44F6-88B3-B087765D1CF5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{094FDA09-FA4D-46CB-B630-FE0DF4DDC6A8}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{0A096AD7-5E72-4F11-9515-1C4F4B8F2D19}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{11257695-494C-442D-94BC-F709124C5534}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{142769B8-40CC-4145-AE90-8001E9FE4BAF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{16D6EE56-5CB5-4642-8B7E-5BDC1DBF6045}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{21EF3A58-0406-46B5-8811-43EFF4355A20}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2693AA26-5681-46CB-9B29-8A96CADB5AD7}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2E73F86F-B57A-4229-BA73-0DE38E811E58}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{2EF21603-6AAE-41A7-87ED-472B31B0AD9F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{30E131BC-E069-4E9B-AB62-D11A4658C79F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3B816C22-F77B-419A-91C8-586920719922}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3B9D6117-1A00-42BF-A3CD-7D55E962443B}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3C98AD4D-A29A-40DA-B59E-56D52661BBE0}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{3CA995DE-4BD5-498B-BC75-3DEA60E0E8C2}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{447AB7A1-4DCD-4055-81B6-5AD53A8900AC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4C5FF201-2991-4641-84AD-5A96E26AA08E}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4D956251-CA1A-4A2A-95CD-72CEB8F9F1BF}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{4FCB3F93-2DCD-424C-A08B-9CBB28177F65}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{51AD421D-ABE9-4030-A9B8-E721B25F9AAC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{51E58C99-8406-4403-A0A7-1CD27491E565}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{5C744083-F0FB-4FA8-A041-8CBDA0C1D092}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{6799457E-64A5-42C4-B893-53FD0EFFBB5B}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{67CA0611-9F9F-4060-B216-8E02EA82DBFD}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{69CF3617-4434-4A34-A0AE-CEF10401AD18}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{715E7474-DD78-46B2-B687-37053F4BDE02}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{7BB97271-12F0-40AF-BEE7-E3B54EC6D926}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8ACBCEAD-152A-44D1-A362-62D4FD7A3AC0}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8BE5C4F4-65B9-4E5E-B546-55ED88624AC2}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{8FCA0672-E2FB-493D-8F27-874C14BDA9C6}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{94329DF9-059D-425B-82F2-70F02B27DBAD}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{99745A33-0C7F-4A54-975B-47F4BB88D4AA}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{A6C5EB88-41F4-43C4-8E1C-885B2EC977CC}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{AAE4A088-9D46-4136-AB80-2F5C3582551C}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{AF294ACA-0192-4D7D-A356-0F5AD810E201}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{BAEBD3CB-A90F-4A37-8A86-E2A261C9D967}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C04E08BC-DB86-42C3-B1C3-B0437115CEB4}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C51B3340-4966-4CDE-B9D4-013359DEF9F4}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{C6FF68D7-6130-4612-91A9-4469E0C04EB6}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{CEB479B7-11C7-4FE3-890C-D1B0097A12B5}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{CEC6BB97-009B-468B-B74E-0346197F0B8C}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{D42DE5C2-D72D-4E99-953E-7CD08F66DE44}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{DB232CCA-8A4E-4DC5-AF07-6A75CE07F6B3}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{DC536CFD-B2F6-4BB6-8D1E-6CCF85927B09}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{E207AEED-4B6C-4DCB-B297-78F1388EFF3F}
Successfully deleted: [Empty Folder] C:\Users\PC\appdata\local\{F1DE56B6-85C7-4415-8DED-412D69F8A178}

~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\user.js
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\gophoto@gophoto.it.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\mystart search.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\searchresults.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\sweetim.xml
Successfully deleted: [File] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchplugins\websearch.xml
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\searchqutoolbar
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\appgraffiti@appgraffiti.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\ffxtlbr@incredibar.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\plugin@getwebcake.com
Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\clickpotatolite@clickpotatolite.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{8e9e3331-d360-4f87-8803-52de43566502}
Successfully deleted the following from C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\dvbr7ure.default\prefs.js

user_pref("browser.search.defaultengine", "Yahoo-Mp3Tube");
user_pref("browser.search.defaultenginename", "WebSearch");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.startup.homepage", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52");
user_pref("extensions.defaulttab.installdate", 1398509704);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);
user_pref("extensions.incredibar.RadioMyStations", "[{\"id\":\"1069\",\"name\":\"ORS Rom�ntica en espa�ol\",\"url\":\"hxxp://www.orsradio.com/oldies56k.asx\",\"streamType\
user_pref("extensions.incredibar.actvtyRptTime", "1370348303385");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.afd-1a2d3abe806f9951da73a33d41fcfc9c", "%7B%22items%22%3A%5B%7B%22id%22%3A%22lW5mbq%252BdbmRvp25oblZmaWZlVm%252BdbmVvp25oblZobWtoVm%252Bx%22%2
user_pref("extensions.incredibar.afd-1a2d3abe806f9951da73a33d41fcfc9c_wid", "2521; expires=Tue, 04 Jun 2013 18:18:25 GMT");
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "CZ");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10643");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "D3A51FC743442CB70C62D896DA365677");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar.id", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15597");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15597");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", false);
user_pref("extensions.incredibar.isdcmntcmplt", true);
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "1");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6PQJDLqIU2");
user_pref("extensions.incredibar.upn2n", "92543581062572482");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1419:33:27");
user_pref("extensions.incredibar.wnd", "{\"cloudcover\":\"100\",\"humidity\":\"88\",\"observation_time\":\"11:06 AM\",\"precipMM\":\"0.3\",\"pressure\":\"1014\",\"temp_C\":\"1
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10643");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "4866677500000000000000fff92985a2");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15597");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "1");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6PQJDLqIU2");
user_pref("extensions.incredibar_i.upn2n", "92543581062572482");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1419:33:27");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("keyword.URL", "hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52&l=1&q=");
user_pref("mp3tubetoolbar.configXml", "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<toolbarlayout version=\"2.8.0.0\" \r\n configurl=\"hxxp://cdn.mp3tubetoolbar.com/cu
user_pref("mp3tubetoolbar.configXml_lastcheck", "23308493");
user_pref("mp3tubetoolbar.startupPop", "no");
user_pref("somoto.Var1", "0");
user_pref("somoto.Var10", "0");
user_pref("somoto.Var2", "0");
user_pref("somoto.Var3", "0");
user_pref("somoto.Var4", "0");
user_pref("somoto.Var5", "0");
user_pref("somoto.Var6", "0");
user_pref("somoto.Var7", "0");
user_pref("somoto.Var8", "0");
user_pref("somoto.Var9", "0");
user_pref("somoto.cache.aff_toolbar_settings_xml", "15/13/26/3/114");
user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/hyper ... 5B28AD}?q=");
user_pref("somoto.firstlaunch", "0");
user_pref("somoto.guid", "%7BD61C4996-6C0A-4B10-B4B8-B05CBC5B28AD%7D");
user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/hypercam/{D61C4996-6 ... 5CBC5B28AD}");
user_pref("somoto.old_dnscatch", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
user_pref("somoto.old_homepage", "hxxp://start.icq.com/");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1398509672357");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.cda.returnValue", "hide");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "true");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb188?a=6PQJDLqIU2&i=26");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.1.callback", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/predictadme.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "0");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{B83C8BFB-0278-11E2-A545-005056C00008}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={B83C8BFB-0278-11E2-A545-005056C00008}");
user_pref("sweetim.toolbar.version", "1.9.0.0");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://www1.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=4866002637BD3942/|||86413709
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www1.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=4866002637BD3942/|#|old_
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.
user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\angobeimajilfhlcpeiccndaifchnppl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 17:36:54,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LuksaCZ · #9 Příspěvek od **LuksaCZ** » 19 kvě 2014 19:21

# AdwCleaner v3.210 - Report created 19/05/2014 at 19:59:04
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PC - IRONMAN-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
[#] Service Deleted : DefaultTabUpdate
[#] Service Deleted : desksvc
[#] Service Deleted : ICQ Service
[#] Service Deleted : WebCake Desktop Updater
Service Deleted : winzipersvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\save nete
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files (x86)\AskTBar
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\MediaViewerV1
Folder Deleted : C:\Program Files (x86)\MediaViewV1
Folder Deleted : C:\Program Files (x86)\SW-Booster
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\save nete
Folder Deleted : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Users\Lukša\AppData\Local\ClickPotatoLiteSA
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\SaveAs
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Lukša\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Lukša\AppData\Roaming\24x7 help
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Lukša\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Lukša\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Lukša\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Martin\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Martin\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Martin\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Martin\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Martin\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Martin\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Martin\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\PC\AppData\Local\ClickPotatoLiteSA
Folder Deleted : C:\Users\PC\AppData\Local\genienext
Folder Deleted : C:\Users\PC\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\PC\AppData\Local\iLivid
Folder Deleted : C:\Users\PC\AppData\Local\MediaGet2
Folder Deleted : C:\Users\PC\AppData\Local\Mobogenie
Folder Deleted : C:\Users\PC\AppData\Local\PackageAware
Folder Deleted : C:\Users\PC\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\PC\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\PC\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\PC\AppData\Roaming\eUpdate
Folder Deleted : C:\Users\PC\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\PC\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\PC\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\PC\Documents\Mobogenie
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\ICQToolbarData
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Searchqutoolbar
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\SweetPacksToolbarData
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\ICQToolbarData
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Folder Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgobbmeommkedhkhoimhgjmbllfbnpk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgobbmeommkedhkhoimhgjmbllfbnpk
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgobbmeommkedhkhoimhgjmbllfbnpk
Folder Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgobbmeommkedhkhoimhgjmbllfbnpk
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgobbmeommkedhkhoimhgjmbllfbnpk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\phggphmbbnaiipbjfgdhkpgoieapcjdj
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\phggphmbbnaiipbjfgdhkpgoieapcjdj
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\phggphmbbnaiipbjfgdhkpgoieapcjdj
Folder Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\Extensions\phggphmbbnaiipbjfgdhkpgoieapcjdj
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\phggphmbbnaiipbjfgdhkpgoieapcjdj
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\ftd@ftd.com.xpi
File Deleted : C:\Users\PC\daemonprocess.txt
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\defaulttab.config
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\icqplugin.src
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\user.js
File Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Deleted : C:\Windows\System32\Tasks\DTReg
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate
File Deleted : C:\Windows\System32\Tasks\YourFile Update
File Deleted : C:\Windows\Tasks\SW-Booster-S-702149676.job
File Deleted : C:\Windows\System32\Tasks\SW-Booster-S-702149676

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{ED76C299-85BC-4891-9237-74A140C28832}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Classes\net
Key Deleted : HKLM\SOFTWARE\Classes\net.5.14
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5fed8dfb23beb44
Key Deleted : HKLM\SOFTWARE\5fed8dfb23beb44
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-702149676
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\AskTBar
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\MediaPlayerV1
Key Deleted : HKLM\Software\MediaViewerV1
Key Deleted : HKLM\Software\MediaViewV1
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SW-Booster
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v16.0.2 (cs)

[ File : C:\Users\Lukša\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js ]

Line Deleted : user_pref("extensions.50ae58e805aa9.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
Line Deleted : user_pref("extensions.basicscan.init", true);
Line Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\": \"Scenario_1,Scenario_2\", \"set_default_search\": \"Search Here|Search Here\", \"window_content\":[...]
Line Deleted : user_pref("extensions.enabledAddons", "ysa1Evr@skywebsearch.com:3.0.0.0,plugin@yontoo.com:1.20.00");
Line Deleted : user_pref("extensions.incredibar.admin", false);
Line Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar.cntry", "CZ");
Line Deleted : user_pref("extensions.incredibar.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Line Deleted : user_pref("extensions.incredibar.did", "10643");
Line Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Line Deleted : user_pref("extensions.incredibar.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar.hdrMd5", "D3A51FC743442CB70C62D896DA365677");
Line Deleted : user_pref("extensions.incredibar.hmpg", false);
Line Deleted : user_pref("extensions.incredibar.id", "4866677500000000000000fff92985a2");
Line Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar.instlDay", "15597");
Line Deleted : user_pref("extensions.incredibar.instlRef", "");
Line Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1419:33:27");
Line Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Line Deleted : user_pref("extensions.incredibar.newTab", false);
Line Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.incredibar.ppd", "1");
Line Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar.productid", "26");
Line Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar.sg", "none");
Line Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar.upn2", "6PQJDLqIU2");
Line Deleted : user_pref("extensions.incredibar.upn2n", "92543581062572482");
Line Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1419:33:27");
Line Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar_i.did", "10643");
Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar_i.id", "4866677500000000000000fff92985a2");
Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15597");
Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
Line Deleted : user_pref("extensions.incredibar_i.ppd", "1");
Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQJDLqIU2&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar_i.upn2", "6PQJDLqIU2");
Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92543581062572482");
Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1419:33:27");
Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "23ff927b-8cd9-4ddf-ba0d-684cf70af1c7");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1352656830);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1338807954");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "4.0");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "130466938813046693881306765649902");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1353149161);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.4.7");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("mp3tubetoolbar.configXml", "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<toolbarlayout version=\"2.1.0.0\" \r\n configurl=\"hxxp://cdn.upgradetoolbar.com/custom/images/ftpdest/tb/mp[...]
Line Deleted : user_pref("mp3tubetoolbar.configXml_lastcheck", "22552486");
Line Deleted : user_pref("mp3tubetoolbar.startupPop", "yes");
Line Deleted : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/hyper ... 5B28AD}?q=");
Line Deleted : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/hypercam/{D61C4996-6 ... 5CBC5B28AD}");
Line Deleted : user_pref("somoto.old_dnscatch", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=");
Line Deleted : user_pref("somoto.old_homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MyStart Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "MyStart Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb188?a=6PQJDLqIU2&i=26");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/predictadme.js");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{B83C8BFB-0278-11E2-A545-005056C00008}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={B83C8BFB-0278-11E2-A545-005056C00008}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.5.0.2");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://www.searchnu.com/410/|||8641350489902663");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www.searchnu.com/410/|#|old_value|||8641352907478501");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]

[ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js ]

Line Deleted : user_pref("extensions.basicscan.init", true);
Line Deleted : user_pref("extensions.enabledAddons", "{75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.8,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,ClickPotatoLite@ClickPotatoLite.com:10.0.0.0,mp3tubetoolbar@mp3tubetoo[...]
Line Deleted : user_pref("extensions.incredibar.RadioMyStations", "[{\"id\":\"1069\",\"name\":\"ORS Rom?ntica en espa?ol\",\"url\":\"hxxp://www.orsradio.com/oldies56k.asx\",\"stre ... d\":\"1213\",\"[...]
Line Deleted : user_pref("extensions.incredibar.wnd", "{\"cloudcover\":\"100\",\"humidity\":\"88\",\"observation_time\":\"11:06 AM\",\"precipMM\":\"0.3\",\"pressure\":\"1014\",\"temp_C\":\"13\",\"temp_F\":\"55\",\"v[...]
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "24bd83d3-8680-450c-99d5-50f5de0196b9");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1398509594);
Line Deleted : user_pref("icqtoolbar.history", "seznam.cz||megan%20fox%20naked||megan%20fox%20porn||x-videos");
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1370263573");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "4.0");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "130466938813046693881306765649902");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1398509597);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("mp3tubetoolbar.configXml", "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<toolbarlayout version=\"2.8.0.0\" \r\n configurl=\"hxxp://cdn.mp3tubetoolbar.com/custom/images/ftpdest/tb/mp[...]
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]
Line Deleted : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]

-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Lukša\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.easylifeapp.com/?q={searchTerms}&pid=388&src=ch2&r=2013/04/04&hid=3840547299&lg=EN&cc=CZ
Deleted [Extension] : angobeimajilfhlcpeiccndaifchnppl
Deleted [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : lgnbhdnimikkoodkogjlcllngimhlapp
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Deleted [Extension] : cmgobbmeommkedhkhoimhgjmbllfbnpk
Deleted [Extension] : phggphmbbnaiipbjfgdhkpgoieapcjdj

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.incredibar.com/?q={searchTerms}&pr=&lang=czech&cid=1&source=095365&gc=cz
Deleted [Extension] : angobeimajilfhlcpeiccndaifchnppl
Deleted [Extension] : cmgobbmeommkedhkhoimhgjmbllfbnpk
Deleted [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : lgnbhdnimikkoodkogjlcllngimhlapp
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Deleted [Extension] : phggphmbbnaiipbjfgdhkpgoieapcjdj

[ File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb188/?loc=IB_DS&search={searchTerms}&a=6PQJDLqIU2&i=26
Deleted [Search Provider] : hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80329&lng=cs
Deleted [Search Provider] : hxxp://websearch.searchsun.info/?l=1&q={searchTerms}&pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52
Deleted [Search Provider] : hxxp://www.elan.cz/?page=websearch&srchtext={searchTerms}
Deleted [Search Provider] : hxxp://www.skydaz.com/search-results/?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Startup_urls] : hxxp://websearch.searchsun.info/?pid=2644&r=2014/05/11&hid=5528822358495884847&lg=EN&cc=CZ&unqvl=52
Deleted [Extension] : angobeimajilfhlcpeiccndaifchnppl
Deleted [Extension] : dedmngkbaffkenlfdcbganndoghblmap
Deleted [Extension] : dednnpigldgdbpgcdpfppmlcnnbjciel
Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deleted [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : lgnbhdnimikkoodkogjlcllngimhlapp
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Deleted [Extension] : poheodfamflhhhdcmjfeggbgigeefaco

*************************

AdwCleaner[R0].txt - [54172 octets] - [19/05/2014 19:50:57]
AdwCleaner[S0].txt - [54982 octets] - [19/05/2014 19:59:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [55043 octets] ##########

#10 Příspěvek od **vyosek** » 19 kvě 2014 19:24

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

LuksaCZ · #11 Příspěvek od **LuksaCZ** » 19 kvě 2014 19:51

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by PC on po 19.05.2014 at 20:26:54,47.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.5.2014 20:29:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D4EFFB40-B873-43D8-B9F0-92175F0DE1E0} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{f2d84f2d-b72d-4fc8-8c93-d7c64f63f145} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{1B66CE5F-4CFA-49B8-BF4F-C704FFEAB916} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{CCB69577-088B-4004-9ED8-FF5BCC83A039} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311551174} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{6E3C6B04-08FE-43BC-8E50-F90285024DEA} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{1824FF90-C98E-48A6-838F-E3B6572B0C77} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{15b74e81-9a18-4b3b-b4fb-4618bdee6d48} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2592c4c9-97dc-41bc-841e-861c515d0558} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2e5f50f4-f80a-41ec-b96e-6676cc8a910e} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{62457c94-634e-4436-9c2a-ff241a1d8acb} deleted successfully
HKEY_USERS\S-1-5-21-2876342913-1738241564-3004853940-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{6904342A-8307-11DF-A508-4AE2DFD72085} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\web2pdfextension@web2pdf.adobedotcom deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha217.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta278.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha796.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1429.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha203.net deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\LUKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js:
user_pref("browser.startup.homepage", "http://btsearch.name");
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "http://btsearch.name");
user_pref("browser.search.defaultengine", "Yahoo-Mp3Tube");
user_pref("browser.search.defaultenginename", "Custom search");
user_pref("browser.search.selectedEngine", "Custom search");
user_pref("browser.search.selectedEngineURL", "http://hostmysearch.com/?prt=pinballtbf ... earchTerms}");
user_pref("browser.search.order.1", "Yahoo-Mp3Tube");
user_pref("keyword.URL", "http://btsearch.name/results.php?q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\LUKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\prefs.js:

ProfilePath: C:\Users\LUKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default

user.js not found
---- Lines WebSearch modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\
---- Lines yontoo modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\
---- Lines defaulttab removed from prefs.js ----
user_pref("extensions.defaulttab.active.affiliate", 3501);
user_pref("extensions.defaulttab.browserID", "5D10D0741D85A05A456C4EEEBC8CFABF");
user_pref("extensions.defaulttab.firstrun", false);
user_pref("extensions.defaulttab.installedVersion", "1.4.2");
---- Lines extensions.50ae58e805aa9 removed from prefs.js ----
user_pref("extensions.50ae58e805aa9.epoch", "1354794897");
user_pref("extensions.50ae58e805aa9.url", "http://jpi-syncs.info/sync/?ext=saveas& ... 50ae58e805
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.100");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6PQJDLqIU2_active_MB189_MB190_UA-25323614-20_2012-09-14-19-33-21");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.100");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6PQJDLqIU2_active_MB189_MB190_UA-25323614-20_2012-09-14-19-33-2
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "f04cc2e8b06d41e3a46a955732fc211b");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1353235560977");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dialogVersion", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-20");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_inactive_by_user", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641350489902293");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1353149157569|||8641353149157570");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB189");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB190");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showDialog", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showtoaster", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toasterID", "1|||8641352907478501");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6PQJDLqIU2");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.100", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.100", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.100", false);
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\
---- Lines {23fcfd51-4958-4f00-80a3-ae97e717ed8b} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\":{\"descriptor\":\"C:\\\\
---- Lines {6904342A-8307-11DF-A508-4AE2DFD72085} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\
---- Lines web2pdfextension@web2pdf.adobedotcom modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\DivX\\\
---- FireFox user.js and prefs.js backups ----

prefs_19.05.2014_2039_.backup

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_19.05.2014_2039_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\Users\LukĹˇa\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\extensions\plugin@yontoo.com not found
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} not found
C:\Users\PC\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions not found
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\extensions\addon@defaulttab.com.xpi not found
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi not found
C:\Users\PC\AppData\LocalLow\{5B976A35-4DB5-5E82-59B3-7C302B87EE17} deleted
C:\Users\PC\AppData\Local\Packages\windows_ie_ac_001\AC\{5B976A35-4DB5-5E82-59B3-7C302B87EE17} deleted
C:\Users\PC\.android deleted
C:\Users\LUKA~1\.android deleted
C:\PROGRA~2\Hyperionics DB Toolbar deleted
C:\PROGRA~2\Microsoft Research deleted
C:\extensions deleted
C:\found.000 deleted
C:\Users\Martin\AppData\Roaming\PCPowerSpeed deleted
C:\Users\PC\AppData\Roaming\alsoft.ini deleted
C:\Users\LUKA~1\AppData\Roaming\GetRightToGo deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\defaulttab deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\SummerSoft deleted
C:\Users\PC\AppData\Local\avgchrome deleted
C:\Users\PC\AppData\Local\cache deleted
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Users\LUKA~1\AppData\Local\avgchrome deleted
C:\Users\Martin\AppData\LocalLow\BitTorrentBar deleted
C:\Users\LUKA~1\AppData\LocalLow\BitTorrentBar deleted
C:\Users\PC\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\LUKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\jetpack deleted
C:\Users\PC\Desktop\Programy\iLivid Download Manager.lnk deleted
"C:\Windows\Installer\1ac79cf.msi" deleted
"C:\Windows\Installer\109c4d0.msi" deleted
"C:\Users\PC\AppData\Local\LumaEmu" deleted
"C:\ProgramData\f6a51b1d809ffc6259f8f5e954ff361b_c" deleted
"C:\Users\PC\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
"C:\PROGRA~3\26e159859d863b13\{7DD5E91C-3864-77EC-7635-D14910C2A03E}" deleted
"C:\Users\PC\AppData\Roaming\Tether\usage.db" deleted
"C:\PROGRA~3\26e159859d863b13" deleted
"C:\Users\PC\AppData\Roaming\Tether" deleted
"C:\found.001" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ext@RichMediaViewV1release2525.net"="C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff" [14.05.2014 15:43]

==== Firefox Extensions ======================

ProfilePath: C:\Users\LUKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default
- Undetermined - C:\Users\LukĹˇa\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\extensions\plugin@yontoo.com
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
- Undetermined - C:\Users\PC\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions
- Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com
- Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
- Undetermined - C:\Users\PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Undetermined - C:\Program Files (x86)\RebateInformer\Firefox
- Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_4.0
- Undetermined - C:\Program Files (x86)\SiteRanker\firefox
- Undetermined - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1429\ff
- Undetermined - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha203\ff
- Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff
- Undetermined - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha217\ff
- Undetermined - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ff
- Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff
- Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff
- Default Manager - %ProfilePath%\extensions\DefaultManager@Microsoft
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Gladiatus Tools - %ProfilePath%\extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default
0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
2D654847DF3532E184BE9D71CA07E5F6 - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll - AllShare
F6D12679B9112358AC705A1308156F59 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
371ECE01772E8CF6D2828A3CD0DE490B - C:\Users\PC\AppData\Local\Roblox\Versions\version-1031096e0eaf488a\NPRobloxProxy.dll - Roblox Launcher Plugin
D4A0F57017841F7E54B3E82B99064982 - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
7EDD991C076F76CDF7C10B0487DEF155 - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
26F7A6A55F76EE478C1484FDFB01B658 - D:\quick time\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
751C8C238F4BD764E5A047E385B657E7 - D:\quick time\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
16112E74A62381C69456566D35F9E51E - D:\quick time\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
BB28A86CDFFFBB041C72AD9EFEAA00D0 - D:\quick time\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
2DA7883A884BE60F9EB2810F67E0E361 - D:\quick time\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
DE5507DBA44CC5B6869205871B64A587 - D:\quick time\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
419680FCE774976FD752EB425D91AEDF - D:\quick time\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cidoacgkgcapnedlfcppcfpobdaenchn - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ch\MediaBuzzV1mode3485.crx[]
dhglkpdjbinlkolpgihojifonjdgocjf - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1429\ch\MediaViewerV1alpha1429.crx[]
elljfamofeanahpmecaclillnfobehca - C:\ProgramData\SaveAs\elljfamofeanahpmecaclillnfobehca.crx[]
fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[]
jjlgdagjedgdjpncjjdjegmkpldciela - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ch\VideoPlayerV3beta278.crx[]
kgoenfkniplliaojbkiplfcglldhbfmm - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ch\RichMediaViewV1release2525.crx[13.05.2014 17:46]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11.04.2014 19:46]
lkehmmkphfniikelfldcmpnbajapfmaf - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha217\ch\WebexpEnhancedV1alpha217.crx[]
mmifolfpllfdhilecpdpmemhelmanajl - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[]
odbbfaealmlpnodchplhdomkgpdkeeal - C:\Program Files (x86)\RebateInformer\Chrome\rebateinformer_c.crx[]
plmmmjakngpfjalmaehdgjpbfglgkbmi - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha203\ch\MediaViewV1alpha203.crx[]

SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee
Best Save - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee
Best Save - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee
Best Save - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi
Media Buzz - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidoacgkgcapnedlfcppcfpobdaenchn
SNT - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee
Media Viewer - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglkpdjbinlkolpgihojifonjdgocjf
Video Player - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlgdagjedgdjpncjjdjegmkpldciela
Rich Media View - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgoenfkniplliaojbkiplfcglldhbfmm
Webexp Enhanced - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkehmmkphfniikelfldcmpnbajapfmaf
Best Save - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi
Media View - Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmmmjakngpfjalmaehdgjpbfglgkbmi
Save to 4shared - PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Extensions\adnkagodbfngmdajbbocegjnllfmdaie
Downloads - PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo
Branding - PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Extensions\oocjgdbfocddoflggljlfmpapfiiccak
saint row IV - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkhecioimgppakiakbmimkjjdillhda
Twitch Now - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk
General Crawler - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Web Assistant - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Angry Birds - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
YouTube Options - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn
YouTube to MP3 Converter - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blninhhimglhacbepllgknplckpbbikd
YouTube\u2122 Ratings Preview - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank
SNT - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee
Media Viewer - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglkpdjbinlkolpgihojifonjdgocjf
Youtube to MP3 Converter - High Quality - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllepdkfbbinindpblacdckjaflfjdmj
Vimeo\u2122 Download Videos - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg
TweetDeck by Twitter - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
YouTube\u2122 Rating Downloader - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgknmdppklikpmfhflbhefmbdbclcdnl
Video Player - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlgdagjedgdjpncjjdjegmkpldciela
APK Downloader - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\johbbanbdddngnjkcemcdnplpobhccdd
Skype Click to Call - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Webexp Enhanced - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkehmmkphfniikelfldcmpnbajapfmaf
Best Save - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi
Chrome In-App Payments service - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
RebateInformer - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal
Media View - LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmmmjakngpfjalmaehdgjpbfglgkbmi
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.awsomesearchs.info_0.localstorage deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.awsomesearchs.info_0.localstorage-journal deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mcskinsearch.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidoacgkgcapnedlfcppcfpobdaenchn deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglkpdjbinlkolpgihojifonjdgocjf deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglkpdjbinlkolpgihojifonjdgocjf deleted successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlgdagjedgdjpncjjdjegmkpldciela deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlgdagjedgdjpncjjdjegmkpldciela deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkehmmkphfniikelfldcmpnbajapfmaf deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkehmmkphfniikelfldcmpnbajapfmaf deleted successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmmmjakngpfjalmaehdgjpbfglgkbmi deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmmmjakngpfjalmaehdgjpbfglgkbmi deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dejncpiepjkigpngdjbdgmhhpainifee deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dejncpiepjkigpngdjbdgmhhpainifee_0.localstorage deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dejncpiepjkigpngdjbdgmhhpainifee_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi deleted successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ngbcgifdaopbfflfhbcfeomijfbbcadi_0.localstorage deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ngbcgifdaopbfflfhbcfeomijfbbcadi_0.localstorage-journal deleted successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://btsearch.name"
"Default_Page_URL"="http://www.google.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://btsearch.name"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{8d492f70-ea37-453e-a0e4-9d709483a4cd}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=WLETDF& ... -SearchBox"
{20593CF9-9306-42D8-9FC2-52F050A1119B} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... ckSearch_5"
{2920dec8-b4df-4d9c-8c7a-5bd8c78c84f7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5"
{3748928C-33D4-44EA-8CB7-E837AFE26430} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5"
{55bea2cd-16fd-4316-a777-7bf5feaf8557} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_5"
{608EEDD5-7B7E-48CF-851C-83754983ADC0} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... ckSearch_5"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{8d492f70-ea37-453e-a0e4-9d709483a4cd} Custom search Url="http://btsearch.name/results.php?q={searchTerms}"
{bdbe1035-eb8f-4bed-ab14-9e31927efedf} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... ckSearch_5"
{EC197609-C308-4241-BA77-EBB73CBD6B46} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5"

==== Reset Google Chrome ======================

C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\39858c71-3a26-423f-b263-6fe9d8166a57 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{03E91AB0-A9F4-6CA4-2AD3-C6D9ECE3C208} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{655248E2-25CF-A364-AD73-A2BA8A77B840} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cidoacgkgcapnedlfcppcfpobdaenchn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhglkpdjbinlkolpgihojifonjdgocjf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\elljfamofeanahpmecaclillnfobehca deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jjlgdagjedgdjpncjjdjegmkpldciela deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkehmmkphfniikelfldcmpnbajapfmaf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\plmmmjakngpfjalmaehdgjpbfglgkbmi deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\LUKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LUKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\LUKA~1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9565F0CD will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\PC\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Cache emptied successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\LUKA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2236 folders=295 208361438 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Martin\AppData\Local\Temp emptied successfully
C:\Users\PC\AppData\Local\Temp will be emptied at reboot
C:\Users\LUKA~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9565F0CD" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 19.05.2014 at 20:48:57,16 ======================

#12 Příspěvek od **vyosek** » 19 kvě 2014 20:06

Krasne se nam to cisti, dejte nyni FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

LuksaCZ · #13 Příspěvek od **LuksaCZ** » 19 kvě 2014 20:24

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by PC (administrator) on IRONMAN-PC on 19-05-2014 21:19:06
Running from C:\Users\PC\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CobianSoft, Luis Cobian) D:\zálohy\cbVSCService11.exe
(Luis Cobian, CobianSoft) D:\zálohy\cbService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files\PCDApp\dgen.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() D:\Tether\TBService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Ateksoft Company Ltd.) C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\vsnpstd3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ZONER software) D:\Zoner Photo Studio 15 PRO\Photo Studio 15\Program32\ZPSTray.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Dropbox, Inc.) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Luis Cobian, CobianSoft) D:\zálohy\cbInterface.exe
() C:\Program Files (x86)\Genius\Maurus\mousehid.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
() C:\Windows\tsnpstd3.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Bohemia Interactive) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
(Valve Corporation) D:\Steam\GameOverlayUI.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-01-24] (Samsung Electronics)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [843776 2006-09-18] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => D:\quick time\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrotray.exe"
HKLM-x32\...\Run: [YouTube Downloader_Helper] => C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe [1434112 2012-11-06] ()
HKLM-x32\...\Run: [Cobian Backup 11 interface] => D:\zálohy\cbInterface.exe [4407808 2012-12-06] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [Maurus] => C:\Program Files (x86)\Genius\Maurus\mousehid.exe [300544 2011-11-14] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088 2012-11-01] (VMware, Inc.)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [368640 2007-06-15] ()
HKLM-x32\...\Run: [Babakan] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit)
HKLM-x32\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs [178 2014-04-10] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\.DEFAULT\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-19\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-03-27] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [BitTorrent] => C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe [1242704 2014-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\ZONER PHOTO STUDIO 15 PRO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {0c72e62f-beec-11e2-9360-ac037121bffd} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {144b7b0d-1e52-11e1-a388-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {15628ea2-d2de-11e0-a08f-6c626da95367} - G:\setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {3422cb9c-64ff-11e0-bbc6-6c626da95367} - F:\AUTORUN.EXE
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {4af469b9-dc46-11e0-b910-6c626da95367} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {57a96814-8156-11e1-bcc4-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {7e9790d5-e9c6-11e1-976e-6c626da95367} - H:\Startme.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {8b915dfc-bd4e-11e1-bfc0-6c626da95367} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {9174d511-57c7-11e0-b14b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407a4-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407da-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {cef6c04b-55d4-11e3-b9b0-87deec21a0e4} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {d216ab17-5dcb-11e0-af16-806e6f6e6963} - E:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe (GamersFirst)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files (x86)\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files (x86)\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://btsearch.name
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {20593CF9-9306-42D8-9FC2-52F050A1119B} URL = http://encyklopedie.seznam.cz/search?q= ... ckSearch_5
SearchScopes: HKCU - {2920dec8-b4df-4d9c-8c7a-5bd8c78c84f7} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKCU - {3748928C-33D4-44EA-8CB7-E837AFE26430} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
SearchScopes: HKCU - {55bea2cd-16fd-4316-a777-7bf5feaf8557} URL = http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_5
SearchScopes: HKCU - {608EEDD5-7B7E-48CF-851C-83754983ADC0} URL = http://www.novinky.cz/hledej?w={searchT ... ckSearch_5
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
SearchScopes: HKCU - {bdbe1035-eb8f-4bed-ab14-9e31927efedf} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKCU - {EC197609-C308-4241-BA77-EBB73CBD6B46} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
BHO: save nete - {5B976A35-4DB5-5E82-59B3-7C302B87EE17} - C:\Program Files (x86)\save nete\78V.x64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll (HotSummerWind Software)
BHO-x32: Media Buzz - {12ecac86-1726-475f-a23c-7fd3add3e6de} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ie\MediaBuzzV1mode3485.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Rich Media View - {ca5a84b5-a411-4248-bf6d-0d9b9306257c} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ie\RichMediaViewV1release2525.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll (HotSummerWind Software)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 4.22.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{4504A1FD-E8B8-4BBD-AF58-1A26672804D9}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - D:\cs6 efekty\Acrobat 10.0\Acrobat\Air\nppdf32.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\PC\AppData\Local\Roblox\Versions\version-1031096e0eaf488a\\NPRobloxProxy.dll ( Roblox Corporation)
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\PC\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\PC\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\PC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\PC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Default Manager - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\DefaultManager@Microsoft [2011-08-12]
FF Extension: Seznam lištička - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-06-03]
FF Extension: Gladiatus Tools - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}.xpi [2013-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-24]
FF HKLM-x32\...\Firefox\Extensions: [fe_4.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_4.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_4.0 [2012-11-22]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode3485.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release2525.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff [2014-05-14]
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012-11-22]

Chrome:
=======
CHR Extension: (saint row IV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkhecioimgppakiakbmimkjjdillhda [2014-05-19]
CHR Extension: (Peněženka Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [kgoenfkniplliaojbkiplfcglldhbfmm] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ch\RichMediaViewV1release2525.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)
S2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-01-24] (Copyright 2013 SAMSUNG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2013-12-01] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 cbVSCService11; D:\zálohy\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian)
R2 CobianBackup11; D:\zálohy\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-25] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-04-25] ()
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97232 2014-05-09] ()
R2 Tether; D:\Tether\TBService.exe [52664 2011-09-29] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-02-14] (Tunngle.net GmbH)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] ()
R2 Webcamera Plus Service; C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe [46592 2009-07-26] (Ateksoft Company Ltd.)
S2 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [X]
S2 d0e87c27; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
S3 wampapache; "C:\Users\PC\Desktop\pepa\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice [X]
S3 wampmysqld; C:\Users\PC\Desktop\pepa\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe wampmysqld [X]

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2011-04-30] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-12-01] (BitRaider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [30592 2012-10-18] (REALiX(tm))
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-04-30] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10503168 2007-05-02] (Sonix Co. Ltd.)
R3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10222720 2007-05-02] (Sonix Co. Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TSVAD_PCM; C:\Windows\System32\drivers\tsvadpcm.sys [33552 2012-08-22] (Windows (R) Win 7 DDK provider)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31384 2012-11-01] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S1 dhecwuae; \??\C:\Windows\system32\drivers\dhecwuae.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 fifymkoi; \??\C:\Windows\system32\drivers\fifymkoi.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S1 nrpzggvd; \??\C:\Windows\system32\drivers\nrpzggvd.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-19 21:19 - 2014-05-19 21:20 - 00031855 _____ () C:\Users\PC\Desktop\FRST.txt
2014-05-19 21:17 - 2014-05-19 21:19 - 00000000 ____D () C:\FRST
2014-05-19 21:16 - 2014-05-19 21:15 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-05-19 21:16 - 2014-05-19 21:11 - 02067456 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-05-19 20:45 - 2014-05-19 20:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 20:29 - 2014-05-19 20:48 - 00043907 _____ () C:\zoek-results.log
2014-05-19 20:26 - 2014-05-19 20:47 - 00000000 ____D () C:\zoek_backup
2014-05-19 20:26 - 2014-05-19 20:26 - 01285120 _____ () C:\Users\PC\Desktop\zoek.exe
2014-05-19 19:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 19:50 - 2014-05-19 19:50 - 01326389 _____ () C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
2014-05-19 17:36 - 2014-05-19 17:36 - 00068979 _____ () C:\Users\PC\Desktop\JRT.txt
2014-05-19 17:31 - 2014-05-19 20:03 - 00000000 ____D () C:\AdwCleaner
2014-05-19 17:30 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 17:29 - 2014-05-19 17:28 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-05-19 17:20 - 2014-05-19 20:48 - 00000168 _____ () C:\Windows\setupact.log
2014-05-19 17:20 - 2014-05-19 20:47 - 00040450 _____ () C:\Windows\PFRO.log
2014-05-19 17:20 - 2014-05-19 17:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 16:41 - 2014-05-19 16:41 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:41 - 2014-05-19 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 16:40 - 2014-05-19 17:18 - 00000000 ____D () C:\Users\PC\Desktop\mbar
2014-05-19 16:40 - 2014-05-19 16:40 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 16:39 - 2014-05-19 16:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.07.0.1009.exe
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\rsit
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 14:31 - 2014-05-19 14:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-18 16:41 - 2014-05-18 16:42 - 00000000 ____D () C:\Users\PC\Desktop\@dayz addons
2014-05-17 13:39 - 2014-05-18 13:29 - 00000000 ____D () C:\Users\PC\AppData\Roaming\FEZ
2014-05-17 12:29 - 2014-05-17 12:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SpaceEngineers
2014-05-17 12:12 - 2014-05-17 12:12 - 00000201 _____ () C:\Users\PC\Desktop\Zeno Clash.url
2014-05-17 12:05 - 2014-05-17 12:05 - 00000202 _____ () C:\Users\PC\Desktop\Space Engineers.url
2014-05-17 12:04 - 2014-05-17 12:04 - 00000200 _____ () C:\Users\PC\Desktop\The Ship.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\FEZ.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\Calibre 10 Racing Series.url
2014-05-16 18:56 - 2014-05-16 18:56 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-16 18:51 - 2014-05-16 18:51 - 00000201 _____ () C:\Users\PC\Desktop\Anomaly Warzone Earth.url
2014-05-16 18:46 - 2014-05-16 18:46 - 00001379 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-16 18:44 - 2014-05-16 18:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Riot Games
2014-05-16 18:32 - 2014-05-16 18:32 - 00000202 _____ () C:\Users\PC\Desktop\Arma 2 DayZ Mod.url
2014-05-16 18:25 - 2014-05-18 15:15 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA
2014-05-16 18:07 - 2014-05-17 13:27 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2
2014-05-16 18:07 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\Documents\ArmA 2
2014-05-16 18:07 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 16:08 - 2014-05-16 16:08 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2 Operation Arrowhead.url
2014-05-16 16:07 - 2014-05-16 16:07 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2.url
2014-05-15 20:15 - 2014-05-15 20:15 - 00000201 _____ () C:\Users\PC\Desktop\Arma Cold War Assault.url
2014-05-14 15:45 - 2014-05-14 15:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DropboxMaster
2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-14 14:57 - 2014-05-14 14:57 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 12:54 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 12:54 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 12:54 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 12:54 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 12:54 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 12:54 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 12:10 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 12:10 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 12:07 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 12:07 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 12:07 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:07 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 12:07 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 12:07 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 12:07 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 12:07 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 12:07 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 12:06 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 12:06 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 12:06 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 12:06 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 12:06 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 12:06 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 12:06 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 12:06 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 12:06 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 12:06 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 12:06 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-13 14:22 - 2014-05-13 14:22 - 00002121 _____ () C:\Users\Martin\Downloads\smime (2).p7s
2014-05-12 16:35 - 2014-05-12 16:35 - 00016827 _____ () C:\Users\PC\Desktop\Nový textový dokument (2).txt
2014-05-12 14:03 - 2014-05-19 20:48 - 00000000 _____ () C:\Windows\SysWOW64\s.o
2014-05-11 18:55 - 2014-05-06 22:48 - 01411584 _____ () C:\Users\PC\Desktop\VinylHub.exe
2014-05-11 17:46 - 2013-09-30 16:37 - 01133056 _____ () C:\Users\PC\Desktop\SlotBot™.exe
2014-05-11 17:35 - 2014-05-11 17:39 - 00000000 ____D () C:\ProgramData\IconCache
2014-05-11 17:35 - 2014-05-11 17:36 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-11 16:56 - 2014-05-11 16:57 - 00000000 ____D () C:\ProgramData\ItsMyApp
2014-05-11 16:56 - 2014-05-11 16:56 - 00000000 ____D () C:\Users\PC\AppData\Local\Packages
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator
2014-05-09 16:48 - 2014-05-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Dark Team
2014-05-08 21:03 - 2014-05-08 21:03 - 00000000 ____D () C:\Program Files (x86)\Vinyl Artist
2014-05-07 21:24 - 2014-05-07 21:24 - 00000000 ____D () C:\Users\PC\Documents\Need for Speed World
2014-05-07 19:45 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Need for Speed World
2014-05-07 19:38 - 2014-05-07 19:38 - 00000000 ____D () C:\Users\PC\AppData\Local\Electronic_Arts_Inc
2014-05-07 19:37 - 2014-05-07 19:37 - 00000687 _____ () C:\Users\PC\Desktop\Need For Speed World.lnk
2014-05-07 18:00 - 2014-05-07 18:00 - 00000201 _____ () C:\Users\PC\Desktop\Hammerfight.url
2014-05-06 22:20 - 2014-05-14 13:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 18:01 - 2014-05-05 18:01 - 00000941 _____ () C:\Users\PC\Desktop\S4 League.lnk
2014-05-05 16:08 - 2014-05-05 16:08 - 00000199 _____ () C:\Users\PC\Desktop\Alien Swarm.url
2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Oracle
2014-04-29 16:17 - 2014-04-29 16:17 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-29 16:17 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-29 16:17 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-29 16:17 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-29 16:17 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-28 18:18 - 2014-04-28 18:18 - 00001027 _____ () C:\Users\PC\Desktop\dsnbvgjkabvjjvkbfgvirbsejk.txt
2014-04-25 20:38 - 2014-04-25 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2014-04-25 13:47 - 2014-04-25 13:47 - 00000000 ____D () C:\Program Files (x86)\MediaBuzzV1
2014-04-24 16:13 - 2014-04-24 16:13 - 00000201 _____ () C:\Users\PC\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-04-24 15:33 - 2014-04-24 15:33 - 00000202 _____ () C:\Users\PC\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-04-24 10:01 - 2014-04-24 10:01 - 33454051 _____ () C:\Users\Martin\Downloads\adriana.wmv
2014-04-23 16:08 - 2014-04-23 16:15 - 00000202 _____ () C:\Users\PC\Desktop\Starbound.url
2014-04-22 15:02 - 2014-05-14 16:03 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-04-22 15:02 - 2014-05-14 16:03 - 00000000 ____D () C:\Users\Public\Util
2014-04-21 00:01 - 2014-04-21 21:13 - 00021217 _____ () C:\Users\PC\Desktop\Den Země 8.odt
2014-04-20 22:40 - 2014-04-20 22:40 - 00017316 _____ () C:\Users\PC\Desktop\Den Země 2- Stálezelené okrasné keře.odt
2014-04-19 20:24 - 2014-04-19 20:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe

==================== One Month Modified Files and Folders =======

2014-05-19 21:20 - 2014-05-19 21:19 - 00031855 _____ () C:\Users\PC\Desktop\FRST.txt
2014-05-19 21:20 - 2011-12-25 21:23 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-05-19 21:19 - 2014-05-19 21:17 - 00000000 ____D () C:\FRST
2014-05-19 21:19 - 2011-03-28 16:26 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BitTorrent
2014-05-19 21:15 - 2014-05-19 21:16 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-05-19 21:15 - 2011-03-27 14:25 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
2014-05-19 21:15 - 2011-03-27 14:25 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
2014-05-19 21:11 - 2014-05-19 21:16 - 02067456 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-05-19 20:57 - 2013-09-18 14:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 20:55 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:55 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:54 - 2013-06-21 22:11 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Seznam.cz
2014-05-19 20:52 - 2011-03-26 18:42 - 01193863 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 20:50 - 2012-01-26 19:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Dropbox
2014-05-19 20:49 - 2013-12-23 20:00 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2014-05-19 20:48 - 2014-05-19 20:29 - 00043907 _____ () C:\zoek-results.log
2014-05-19 20:48 - 2014-05-19 17:20 - 00000168 _____ () C:\Windows\setupact.log
2014-05-19 20:48 - 2014-05-12 14:03 - 00000000 _____ () C:\Windows\SysWOW64\s.o
2014-05-19 20:48 - 2012-12-16 15:53 - 00000000 ____D () C:\Users\PC\AppData\Local\TSVNCache
2014-05-19 20:48 - 2012-09-03 13:50 - 00000000 ____D () C:\ProgramData\VMware
2014-05-19 20:48 - 2012-02-04 18:21 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-19 20:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 20:47 - 2014-05-19 20:26 - 00000000 ____D () C:\zoek_backup
2014-05-19 20:47 - 2014-05-19 17:20 - 00040450 _____ () C:\Windows\PFRO.log
2014-05-19 20:41 - 2011-12-30 14:06 - 00000000 ____D () C:\Users\PC\Desktop\Programy
2014-05-19 20:40 - 2012-11-13 17:15 - 00000000 ____D () C:\Users\Lukša
2014-05-19 20:40 - 2011-03-26 18:44 - 00000000 ____D () C:\Users\PC
2014-05-19 20:26 - 2014-05-19 20:45 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 20:26 - 2014-05-19 20:26 - 01285120 _____ () C:\Users\PC\Desktop\zoek.exe
2014-05-19 20:26 - 2012-02-04 18:21 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 20:20 - 2011-10-19 20:10 - 00000970 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
2014-05-19 20:03 - 2014-05-19 17:31 - 00000000 ____D () C:\AdwCleaner
2014-05-19 19:50 - 2014-05-19 19:50 - 01326389 _____ () C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
2014-05-19 18:08 - 2011-03-26 18:44 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 17:36 - 2014-05-19 17:36 - 00068979 _____ () C:\Users\PC\Desktop\JRT.txt
2014-05-19 17:36 - 2013-04-16 19:52 - 00001366 _____ () C:\Users\PC\Desktop\Opera.lnk
2014-05-19 17:36 - 2012-11-17 12:50 - 00000607 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-19 17:36 - 2012-11-14 17:39 - 00002259 _____ () C:\Users\PC\Desktop\Google Chrome.lnk
2014-05-19 17:36 - 2011-09-20 16:59 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-19 17:36 - 2011-04-11 17:39 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-19 17:36 - 2011-03-26 18:45 - 00001397 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-19 17:30 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 17:28 - 2014-05-19 17:29 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-05-19 17:25 - 2012-12-11 16:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 17:20 - 2014-05-19 17:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 17:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-19 17:18 - 2014-05-19 16:40 - 00000000 ____D () C:\Users\PC\Desktop\mbar
2014-05-19 17:18 - 2013-03-04 18:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\InstallDir
2014-05-19 16:41 - 2014-05-19 16:41 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:41 - 2014-05-19 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 16:40 - 2014-05-19 16:40 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 16:39 - 2014-05-19 16:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.07.0.1009.exe
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\rsit
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 14:38 - 2012-11-11 21:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Sony
2014-05-19 14:38 - 2011-04-12 18:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-05-19 14:37 - 2012-11-14 19:00 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-05-19 14:37 - 2012-10-28 16:00 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Ventrilo
2014-05-19 14:37 - 2011-12-26 11:08 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client
2014-05-19 14:36 - 2011-03-26 18:38 - 00000000 ____D () C:\Windows\Panther
2014-05-19 14:35 - 2012-10-02 16:17 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2014-05-19 14:35 - 2011-04-03 11:25 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 14:31 - 2014-05-19 14:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-19 14:31 - 2012-05-11 21:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-19 11:20 - 2011-10-19 20:10 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
2014-05-18 20:01 - 2009-07-14 07:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 16:42 - 2014-05-18 16:41 - 00000000 ____D () C:\Users\PC\Desktop\@dayz addons
2014-05-18 15:15 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA
2014-05-18 13:29 - 2014-05-17 13:39 - 00000000 ____D () C:\Users\PC\AppData\Roaming\FEZ
2014-05-17 13:27 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2
2014-05-17 12:34 - 2014-05-17 12:29 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SpaceEngineers
2014-05-17 12:12 - 2014-05-17 12:12 - 00000201 _____ () C:\Users\PC\Desktop\Zeno Clash.url
2014-05-17 12:05 - 2014-05-17 12:05 - 00000202 _____ () C:\Users\PC\Desktop\Space Engineers.url
2014-05-17 12:04 - 2014-05-17 12:04 - 00000200 _____ () C:\Users\PC\Desktop\The Ship.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\FEZ.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\Calibre 10 Racing Series.url
2014-05-16 19:52 - 2011-06-02 16:20 - 00000000 ____D () C:\Users\PC\AppData\Local\PMB Files
2014-05-16 19:52 - 2011-06-02 16:20 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-16 18:56 - 2014-05-16 18:56 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-16 18:56 - 2011-04-03 11:32 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-16 18:51 - 2014-05-16 18:51 - 00000201 _____ () C:\Users\PC\Desktop\Anomaly Warzone Earth.url
2014-05-16 18:47 - 2014-05-16 18:44 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Riot Games
2014-05-16 18:46 - 2014-05-16 18:46 - 00001379 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-16 18:32 - 2014-05-16 18:32 - 00000202 _____ () C:\Users\PC\Desktop\Arma 2 DayZ Mod.url
2014-05-16 18:25 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\Documents\ArmA 2
2014-05-16 18:25 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 18:07 - 2012-10-01 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 16:08 - 2014-05-16 16:08 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2 Operation Arrowhead.url
2014-05-16 16:07 - 2014-05-16 16:07 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2.url
2014-05-16 16:06 - 2013-04-13 18:36 - 00000429 _____ () C:\Users\PC\Desktop\Steam věci.txt
2014-05-15 21:28 - 2012-11-01 15:05 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-15 20:15 - 2014-05-15 20:15 - 00000201 _____ () C:\Users\PC\Desktop\Arma Cold War Assault.url
2014-05-15 14:10 - 2012-12-17 10:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\TSVNCache
2014-05-15 11:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 10:54 - 2013-06-26 09:24 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Seznam.cz
2014-05-15 10:49 - 2012-11-14 17:15 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2014-05-14 16:08 - 2011-06-09 16:25 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-05-14 16:03 - 2014-04-22 15:02 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-14 16:03 - 2014-04-22 15:02 - 00000000 ____D () C:\Users\Public\Util
2014-05-14 15:45 - 2014-05-14 15:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DropboxMaster
2014-05-14 15:45 - 2012-01-26 19:35 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 15:44 - 2014-01-30 15:11 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-05-14 15:44 - 2013-08-21 13:51 - 00000270 __RSH () C:\Users\PC\ntuser.pol
2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-14 15:41 - 2011-03-26 18:44 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 14:57 - 2014-05-14 14:57 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 14:57 - 2013-09-18 14:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 14:57 - 2012-04-21 09:12 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 14:57 - 2011-08-20 19:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 14:01 - 2013-12-23 20:00 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-14 14:01 - 2012-11-14 17:14 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 14:01 - 2012-11-14 17:14 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 14:00 - 2013-08-14 20:08 - 00000270 __RSH () C:\Users\Martin\ntuser.pol
2014-05-14 14:00 - 2012-11-14 17:14 - 00000000 ____D () C:\Users\Martin
2014-05-14 13:58 - 2014-05-06 22:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 12:53 - 2013-08-14 22:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 12:47 - 2011-04-03 11:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 14:22 - 2014-05-13 14:22 - 00002121 _____ () C:\Users\Martin\Downloads\smime (2).p7s
2014-05-12 16:35 - 2014-05-12 16:35 - 00016827 _____ () C:\Users\PC\Desktop\Nový textový dokument (2).txt
2014-05-12 14:06 - 2014-02-08 13:04 - 00000870 _____ () C:\Users\PC\Desktop\BitTorrent.lnk
2014-05-12 14:06 - 2014-02-08 13:04 - 00000850 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-05-11 17:39 - 2014-05-11 17:35 - 00000000 ____D () C:\ProgramData\IconCache
2014-05-11 17:36 - 2014-05-11 17:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-11 16:57 - 2014-05-11 16:56 - 00000000 ____D () C:\ProgramData\ItsMyApp
2014-05-11 16:56 - 2014-05-11 16:56 - 00000000 ____D () C:\Users\PC\AppData\Local\Packages
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator
2014-05-09 16:48 - 2014-05-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Dark Team
2014-05-09 11:27 - 2014-01-17 17:19 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-09 08:14 - 2014-05-14 12:06 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 12:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 22:05 - 2012-10-26 14:25 - 00000000 ____D () C:\Users\PC\Desktop\MariO
2014-05-08 21:03 - 2014-05-08 21:03 - 00000000 ____D () C:\Program Files (x86)\Vinyl Artist
2014-05-08 13:21 - 2012-02-04 18:21 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 13:20 - 2012-02-04 18:21 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 21:24 - 2014-05-07 21:24 - 00000000 ____D () C:\Users\PC\Documents\Need for Speed World
2014-05-07 21:10 - 2011-03-27 14:25 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA
2014-05-07 21:10 - 2011-03-27 14:25 - 00003518 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core
2014-05-07 19:45 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Need for Speed World
2014-05-07 19:38 - 2014-05-07 19:38 - 00000000 ____D () C:\Users\PC\AppData\Local\Electronic_Arts_Inc
2014-05-07 19:37 - 2014-05-07 19:37 - 00000687 _____ () C:\Users\PC\Desktop\Need For Speed World.lnk
2014-05-07 19:00 - 2011-06-20 18:01 - 00000000 ____D () C:\Users\PC\AppData\Local\Windows Live
2014-05-07 18:00 - 2014-05-07 18:00 - 00000201 _____ () C:\Users\PC\Desktop\Hammerfight.url
2014-05-07 16:58 - 2013-09-24 15:39 - 00000000 ____D () C:\Users\PC\AppData\Local\Battle.net
2014-05-06 22:48 - 2014-05-11 18:55 - 01411584 _____ () C:\Users\PC\Desktop\VinylHub.exe
2014-05-06 06:40 - 2014-05-14 12:54 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 12:54 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 12:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 12:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 18:01 - 2014-05-05 18:01 - 00000941 _____ () C:\Users\PC\Desktop\S4 League.lnk
2014-05-05 16:08 - 2014-05-05 16:08 - 00000199 _____ () C:\Users\PC\Desktop\Alien Swarm.url
2014-04-30 20:07 - 2011-03-27 14:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Mozilla
2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Oracle
2014-04-29 16:19 - 2013-10-08 14:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-29 16:17 - 2014-04-29 16:17 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-29 16:17 - 2012-09-14 21:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-29 14:45 - 2013-01-06 17:08 - 00000000 ____D () C:\AllShare Play
2014-04-28 18:18 - 2014-04-28 18:18 - 00001027 _____ () C:\Users\PC\Desktop\dsnbvgjkabvjjvkbfgvirbsejk.txt
2014-04-28 18:17 - 2012-11-05 20:43 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2014-04-25 20:39 - 2012-03-04 15:34 - 00000000 ____D () C:\Users\PC\Documents\My Games
2014-04-25 20:38 - 2014-04-25 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2014-04-25 20:38 - 2011-05-30 20:21 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-25 20:38 - 2011-05-30 20:21 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-25 20:37 - 2011-05-30 20:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-25 13:47 - 2014-04-25 13:47 - 00000000 ____D () C:\Program Files (x86)\MediaBuzzV1
2014-04-24 20:48 - 2011-12-26 11:08 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-24 16:13 - 2014-04-24 16:13 - 00000201 _____ () C:\Users\PC\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-04-24 15:33 - 2014-04-24 15:33 - 00000202 _____ () C:\Users\PC\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-04-24 10:01 - 2014-04-24 10:01 - 33454051 _____ () C:\Users\Martin\Downloads\adriana.wmv
2014-04-23 16:15 - 2014-04-23 16:08 - 00000202 _____ () C:\Users\PC\Desktop\Starbound.url
2014-04-21 21:13 - 2014-04-21 00:01 - 00021217 _____ () C:\Users\PC\Desktop\Den Země 8.odt
2014-04-21 12:55 - 2013-02-24 21:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-20 22:40 - 2014-04-20 22:40 - 00017316 _____ () C:\Users\PC\Desktop\Den Země 2- Stálezelené okrasné keře.odt
2014-04-19 20:24 - 2014-04-19 20:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmt1xm.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 12:07] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 2639 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

LuksaCZ · #14 Příspěvek od **LuksaCZ** » 19 kvě 2014 20:24

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by PC (administrator) on IRONMAN-PC on 19-05-2014 21:19:06
Running from C:\Users\PC\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CobianSoft, Luis Cobian) D:\zálohy\cbVSCService11.exe
(Luis Cobian, CobianSoft) D:\zálohy\cbService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files\PCDApp\dgen.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() D:\Tether\TBService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Ateksoft Company Ltd.) C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\vsnpstd3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ZONER software) D:\Zoner Photo Studio 15 PRO\Photo Studio 15\Program32\ZPSTray.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Dropbox, Inc.) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Luis Cobian, CobianSoft) D:\zálohy\cbInterface.exe
() C:\Program Files (x86)\Genius\Maurus\mousehid.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
() C:\Windows\tsnpstd3.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Bohemia Interactive) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
(Valve Corporation) D:\Steam\GameOverlayUI.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-01-24] (Samsung Electronics)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [843776 2006-09-18] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => D:\quick time\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrotray.exe"
HKLM-x32\...\Run: [YouTube Downloader_Helper] => C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe [1434112 2012-11-06] ()
HKLM-x32\...\Run: [Cobian Backup 11 interface] => D:\zálohy\cbInterface.exe [4407808 2012-12-06] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [Maurus] => C:\Program Files (x86)\Genius\Maurus\mousehid.exe [300544 2011-11-14] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088 2012-11-01] (VMware, Inc.)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [368640 2007-06-15] ()
HKLM-x32\...\Run: [Babakan] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit)
HKLM-x32\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs [178 2014-04-10] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\.DEFAULT\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-19\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-03-27] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [BitTorrent] => C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe [1242704 2014-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\ZONER PHOTO STUDIO 15 PRO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {0c72e62f-beec-11e2-9360-ac037121bffd} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {144b7b0d-1e52-11e1-a388-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {15628ea2-d2de-11e0-a08f-6c626da95367} - G:\setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {3422cb9c-64ff-11e0-bbc6-6c626da95367} - F:\AUTORUN.EXE
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {4af469b9-dc46-11e0-b910-6c626da95367} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {57a96814-8156-11e1-bcc4-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {7e9790d5-e9c6-11e1-976e-6c626da95367} - H:\Startme.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {8b915dfc-bd4e-11e1-bfc0-6c626da95367} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {9174d511-57c7-11e0-b14b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407a4-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407da-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {cef6c04b-55d4-11e3-b9b0-87deec21a0e4} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {d216ab17-5dcb-11e0-af16-806e6f6e6963} - E:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe (GamersFirst)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files (x86)\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\Lukša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files (x86)\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://btsearch.name
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {20593CF9-9306-42D8-9FC2-52F050A1119B} URL = http://encyklopedie.seznam.cz/search?q= ... ckSearch_5
SearchScopes: HKCU - {2920dec8-b4df-4d9c-8c7a-5bd8c78c84f7} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKCU - {3748928C-33D4-44EA-8CB7-E837AFE26430} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
SearchScopes: HKCU - {55bea2cd-16fd-4316-a777-7bf5feaf8557} URL = http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_5
SearchScopes: HKCU - {608EEDD5-7B7E-48CF-851C-83754983ADC0} URL = http://www.novinky.cz/hledej?w={searchT ... ckSearch_5
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
SearchScopes: HKCU - {bdbe1035-eb8f-4bed-ab14-9e31927efedf} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKCU - {EC197609-C308-4241-BA77-EBB73CBD6B46} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
BHO: save nete - {5B976A35-4DB5-5E82-59B3-7C302B87EE17} - C:\Program Files (x86)\save nete\78V.x64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll (HotSummerWind Software)
BHO-x32: Media Buzz - {12ecac86-1726-475f-a23c-7fd3add3e6de} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ie\MediaBuzzV1mode3485.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Rich Media View - {ca5a84b5-a411-4248-bf6d-0d9b9306257c} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ie\RichMediaViewV1release2525.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - YouTube Downloader - {031afb00-725a-4ede-9d27-a2b5fac89e9a} - C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll (HotSummerWind Software)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 4.22.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{4504A1FD-E8B8-4BBD-AF58-1A26672804D9}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - D:\cs6 efekty\Acrobat 10.0\Acrobat\Air\nppdf32.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\PC\AppData\Local\Roblox\Versions\version-1031096e0eaf488a\\NPRobloxProxy.dll ( Roblox Corporation)
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\PC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\PC\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\PC\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\PC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\PC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Default Manager - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\DefaultManager@Microsoft [2011-08-12]
FF Extension: Seznam lištička - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-06-03]
FF Extension: Gladiatus Tools - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\dvbr7ure.default\Extensions\{76063e7f-3558-4b68-8287-54eb6512adc0}.xpi [2013-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-24]
FF HKLM-x32\...\Firefox\Extensions: [fe_4.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_4.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_4.0 [2012-11-22]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode3485.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release2525.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff [2014-05-14]
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012-11-22]

Chrome:
=======
CHR Extension: (saint row IV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkhecioimgppakiakbmimkjjdillhda [2014-05-19]
CHR Extension: (Peněženka Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [kgoenfkniplliaojbkiplfcglldhbfmm] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ch\RichMediaViewV1release2525.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)
S2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-01-24] (Copyright 2013 SAMSUNG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2013-12-01] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 cbVSCService11; D:\zálohy\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian)
R2 CobianBackup11; D:\zálohy\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-25] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-04-25] ()
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97232 2014-05-09] ()
R2 Tether; D:\Tether\TBService.exe [52664 2011-09-29] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-02-14] (Tunngle.net GmbH)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] ()
R2 Webcamera Plus Service; C:\Program Files (x86)\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe [46592 2009-07-26] (Ateksoft Company Ltd.)
S2 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [X]
S2 d0e87c27; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
S3 wampapache; "C:\Users\PC\Desktop\pepa\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice [X]
S3 wampmysqld; C:\Users\PC\Desktop\pepa\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe wampmysqld [X]

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2011-04-30] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-12-01] (BitRaider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [30592 2012-10-18] (REALiX(tm))
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-04-30] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10503168 2007-05-02] (Sonix Co. Ltd.)
R3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10222720 2007-05-02] (Sonix Co. Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TSVAD_PCM; C:\Windows\System32\drivers\tsvadpcm.sys [33552 2012-08-22] (Windows (R) Win 7 DDK provider)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31384 2012-11-01] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S1 dhecwuae; \??\C:\Windows\system32\drivers\dhecwuae.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 fifymkoi; \??\C:\Windows\system32\drivers\fifymkoi.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S1 nrpzggvd; \??\C:\Windows\system32\drivers\nrpzggvd.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-19 21:19 - 2014-05-19 21:20 - 00031855 _____ () C:\Users\PC\Desktop\FRST.txt
2014-05-19 21:17 - 2014-05-19 21:19 - 00000000 ____D () C:\FRST
2014-05-19 21:16 - 2014-05-19 21:15 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-05-19 21:16 - 2014-05-19 21:11 - 02067456 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-05-19 20:45 - 2014-05-19 20:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 20:29 - 2014-05-19 20:48 - 00043907 _____ () C:\zoek-results.log
2014-05-19 20:26 - 2014-05-19 20:47 - 00000000 ____D () C:\zoek_backup
2014-05-19 20:26 - 2014-05-19 20:26 - 01285120 _____ () C:\Users\PC\Desktop\zoek.exe
2014-05-19 19:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 19:50 - 2014-05-19 19:50 - 01326389 _____ () C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
2014-05-19 17:36 - 2014-05-19 17:36 - 00068979 _____ () C:\Users\PC\Desktop\JRT.txt
2014-05-19 17:31 - 2014-05-19 20:03 - 00000000 ____D () C:\AdwCleaner
2014-05-19 17:30 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 17:29 - 2014-05-19 17:28 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-05-19 17:20 - 2014-05-19 20:48 - 00000168 _____ () C:\Windows\setupact.log
2014-05-19 17:20 - 2014-05-19 20:47 - 00040450 _____ () C:\Windows\PFRO.log
2014-05-19 17:20 - 2014-05-19 17:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 16:41 - 2014-05-19 16:41 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:41 - 2014-05-19 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 16:40 - 2014-05-19 17:18 - 00000000 ____D () C:\Users\PC\Desktop\mbar
2014-05-19 16:40 - 2014-05-19 16:40 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 16:39 - 2014-05-19 16:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.07.0.1009.exe
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\rsit
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 14:31 - 2014-05-19 14:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-18 16:41 - 2014-05-18 16:42 - 00000000 ____D () C:\Users\PC\Desktop\@dayz addons
2014-05-17 13:39 - 2014-05-18 13:29 - 00000000 ____D () C:\Users\PC\AppData\Roaming\FEZ
2014-05-17 12:29 - 2014-05-17 12:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SpaceEngineers
2014-05-17 12:12 - 2014-05-17 12:12 - 00000201 _____ () C:\Users\PC\Desktop\Zeno Clash.url
2014-05-17 12:05 - 2014-05-17 12:05 - 00000202 _____ () C:\Users\PC\Desktop\Space Engineers.url
2014-05-17 12:04 - 2014-05-17 12:04 - 00000200 _____ () C:\Users\PC\Desktop\The Ship.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\FEZ.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\Calibre 10 Racing Series.url
2014-05-16 18:56 - 2014-05-16 18:56 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-16 18:51 - 2014-05-16 18:51 - 00000201 _____ () C:\Users\PC\Desktop\Anomaly Warzone Earth.url
2014-05-16 18:46 - 2014-05-16 18:46 - 00001379 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-16 18:44 - 2014-05-16 18:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Riot Games
2014-05-16 18:32 - 2014-05-16 18:32 - 00000202 _____ () C:\Users\PC\Desktop\Arma 2 DayZ Mod.url
2014-05-16 18:25 - 2014-05-18 15:15 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA
2014-05-16 18:07 - 2014-05-17 13:27 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2
2014-05-16 18:07 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\Documents\ArmA 2
2014-05-16 18:07 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 16:08 - 2014-05-16 16:08 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2 Operation Arrowhead.url
2014-05-16 16:07 - 2014-05-16 16:07 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2.url
2014-05-15 20:15 - 2014-05-15 20:15 - 00000201 _____ () C:\Users\PC\Desktop\Arma Cold War Assault.url
2014-05-14 15:45 - 2014-05-14 15:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DropboxMaster
2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-14 14:57 - 2014-05-14 14:57 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 12:54 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 12:54 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 12:54 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 12:54 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 12:54 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 12:54 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 12:10 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 12:10 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 12:07 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 12:07 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 12:07 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:07 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 12:07 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 12:07 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 12:07 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 12:07 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 12:07 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 12:07 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 12:07 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 12:06 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 12:06 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 12:06 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 12:06 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 12:06 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 12:06 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 12:06 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 12:06 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 12:06 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 12:06 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 12:06 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 12:06 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 12:06 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-13 14:22 - 2014-05-13 14:22 - 00002121 _____ () C:\Users\Martin\Downloads\smime (2).p7s
2014-05-12 16:35 - 2014-05-12 16:35 - 00016827 _____ () C:\Users\PC\Desktop\Nový textový dokument (2).txt
2014-05-12 14:03 - 2014-05-19 20:48 - 00000000 _____ () C:\Windows\SysWOW64\s.o
2014-05-11 18:55 - 2014-05-06 22:48 - 01411584 _____ () C:\Users\PC\Desktop\VinylHub.exe
2014-05-11 17:46 - 2013-09-30 16:37 - 01133056 _____ () C:\Users\PC\Desktop\SlotBot™.exe
2014-05-11 17:35 - 2014-05-11 17:39 - 00000000 ____D () C:\ProgramData\IconCache
2014-05-11 17:35 - 2014-05-11 17:36 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-11 16:56 - 2014-05-11 16:57 - 00000000 ____D () C:\ProgramData\ItsMyApp
2014-05-11 16:56 - 2014-05-11 16:56 - 00000000 ____D () C:\Users\PC\AppData\Local\Packages
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator
2014-05-09 16:48 - 2014-05-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Dark Team
2014-05-08 21:03 - 2014-05-08 21:03 - 00000000 ____D () C:\Program Files (x86)\Vinyl Artist
2014-05-07 21:24 - 2014-05-07 21:24 - 00000000 ____D () C:\Users\PC\Documents\Need for Speed World
2014-05-07 19:45 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Need for Speed World
2014-05-07 19:38 - 2014-05-07 19:38 - 00000000 ____D () C:\Users\PC\AppData\Local\Electronic_Arts_Inc
2014-05-07 19:37 - 2014-05-07 19:37 - 00000687 _____ () C:\Users\PC\Desktop\Need For Speed World.lnk
2014-05-07 18:00 - 2014-05-07 18:00 - 00000201 _____ () C:\Users\PC\Desktop\Hammerfight.url
2014-05-06 22:20 - 2014-05-14 13:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 18:01 - 2014-05-05 18:01 - 00000941 _____ () C:\Users\PC\Desktop\S4 League.lnk
2014-05-05 16:08 - 2014-05-05 16:08 - 00000199 _____ () C:\Users\PC\Desktop\Alien Swarm.url
2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Oracle
2014-04-29 16:17 - 2014-04-29 16:17 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-29 16:17 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-29 16:17 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-29 16:17 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-29 16:17 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-28 18:18 - 2014-04-28 18:18 - 00001027 _____ () C:\Users\PC\Desktop\dsnbvgjkabvjjvkbfgvirbsejk.txt
2014-04-25 20:38 - 2014-04-25 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2014-04-25 13:47 - 2014-04-25 13:47 - 00000000 ____D () C:\Program Files (x86)\MediaBuzzV1
2014-04-24 16:13 - 2014-04-24 16:13 - 00000201 _____ () C:\Users\PC\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-04-24 15:33 - 2014-04-24 15:33 - 00000202 _____ () C:\Users\PC\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-04-24 10:01 - 2014-04-24 10:01 - 33454051 _____ () C:\Users\Martin\Downloads\adriana.wmv
2014-04-23 16:08 - 2014-04-23 16:15 - 00000202 _____ () C:\Users\PC\Desktop\Starbound.url
2014-04-22 15:02 - 2014-05-14 16:03 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-04-22 15:02 - 2014-05-14 16:03 - 00000000 ____D () C:\Users\Public\Util
2014-04-21 00:01 - 2014-04-21 21:13 - 00021217 _____ () C:\Users\PC\Desktop\Den Země 8.odt
2014-04-20 22:40 - 2014-04-20 22:40 - 00017316 _____ () C:\Users\PC\Desktop\Den Země 2- Stálezelené okrasné keře.odt
2014-04-19 20:24 - 2014-04-19 20:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe

==================== One Month Modified Files and Folders =======

2014-05-19 21:20 - 2014-05-19 21:19 - 00031855 _____ () C:\Users\PC\Desktop\FRST.txt
2014-05-19 21:20 - 2011-12-25 21:23 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-05-19 21:19 - 2014-05-19 21:17 - 00000000 ____D () C:\FRST
2014-05-19 21:19 - 2011-03-28 16:26 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BitTorrent
2014-05-19 21:15 - 2014-05-19 21:16 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-05-19 21:15 - 2011-03-27 14:25 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
2014-05-19 21:15 - 2011-03-27 14:25 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
2014-05-19 21:11 - 2014-05-19 21:16 - 02067456 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-05-19 20:57 - 2013-09-18 14:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 20:55 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:55 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:54 - 2013-06-21 22:11 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Seznam.cz
2014-05-19 20:52 - 2011-03-26 18:42 - 01193863 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 20:50 - 2012-01-26 19:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Dropbox
2014-05-19 20:49 - 2013-12-23 20:00 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2014-05-19 20:48 - 2014-05-19 20:29 - 00043907 _____ () C:\zoek-results.log
2014-05-19 20:48 - 2014-05-19 17:20 - 00000168 _____ () C:\Windows\setupact.log
2014-05-19 20:48 - 2014-05-12 14:03 - 00000000 _____ () C:\Windows\SysWOW64\s.o
2014-05-19 20:48 - 2012-12-16 15:53 - 00000000 ____D () C:\Users\PC\AppData\Local\TSVNCache
2014-05-19 20:48 - 2012-09-03 13:50 - 00000000 ____D () C:\ProgramData\VMware
2014-05-19 20:48 - 2012-02-04 18:21 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-19 20:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 20:47 - 2014-05-19 20:26 - 00000000 ____D () C:\zoek_backup
2014-05-19 20:47 - 2014-05-19 17:20 - 00040450 _____ () C:\Windows\PFRO.log
2014-05-19 20:41 - 2011-12-30 14:06 - 00000000 ____D () C:\Users\PC\Desktop\Programy
2014-05-19 20:40 - 2012-11-13 17:15 - 00000000 ____D () C:\Users\Lukša
2014-05-19 20:40 - 2011-03-26 18:44 - 00000000 ____D () C:\Users\PC
2014-05-19 20:26 - 2014-05-19 20:45 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 20:26 - 2014-05-19 20:26 - 01285120 _____ () C:\Users\PC\Desktop\zoek.exe
2014-05-19 20:26 - 2012-02-04 18:21 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 20:20 - 2011-10-19 20:10 - 00000970 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job
2014-05-19 20:03 - 2014-05-19 17:31 - 00000000 ____D () C:\AdwCleaner
2014-05-19 19:50 - 2014-05-19 19:50 - 01326389 _____ () C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
2014-05-19 18:08 - 2011-03-26 18:44 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 17:36 - 2014-05-19 17:36 - 00068979 _____ () C:\Users\PC\Desktop\JRT.txt
2014-05-19 17:36 - 2013-04-16 19:52 - 00001366 _____ () C:\Users\PC\Desktop\Opera.lnk
2014-05-19 17:36 - 2012-11-17 12:50 - 00000607 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-19 17:36 - 2012-11-14 17:39 - 00002259 _____ () C:\Users\PC\Desktop\Google Chrome.lnk
2014-05-19 17:36 - 2011-09-20 16:59 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-19 17:36 - 2011-04-11 17:39 - 00000607 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-19 17:36 - 2011-03-26 18:45 - 00001397 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-19 17:30 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 17:28 - 2014-05-19 17:29 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-05-19 17:25 - 2012-12-11 16:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 17:20 - 2014-05-19 17:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-19 17:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-19 17:18 - 2014-05-19 16:40 - 00000000 ____D () C:\Users\PC\Desktop\mbar
2014-05-19 17:18 - 2013-03-04 18:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\InstallDir
2014-05-19 16:41 - 2014-05-19 16:41 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:41 - 2014-05-19 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 16:40 - 2014-05-19 16:40 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 16:39 - 2014-05-19 16:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.07.0.1009.exe
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\rsit
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 14:38 - 2012-11-11 21:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Sony
2014-05-19 14:38 - 2011-04-12 18:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-05-19 14:37 - 2012-11-14 19:00 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-05-19 14:37 - 2012-10-28 16:00 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Ventrilo
2014-05-19 14:37 - 2011-12-26 11:08 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client
2014-05-19 14:36 - 2011-03-26 18:38 - 00000000 ____D () C:\Windows\Panther
2014-05-19 14:35 - 2012-10-02 16:17 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2014-05-19 14:35 - 2011-04-03 11:25 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 14:31 - 2014-05-19 14:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-19 14:31 - 2012-05-11 21:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-19 11:20 - 2011-10-19 20:10 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job
2014-05-18 20:01 - 2009-07-14 07:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 16:42 - 2014-05-18 16:41 - 00000000 ____D () C:\Users\PC\Desktop\@dayz addons
2014-05-18 15:15 - 2014-05-16 18:25 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA
2014-05-18 13:29 - 2014-05-17 13:39 - 00000000 ____D () C:\Users\PC\AppData\Roaming\FEZ
2014-05-17 13:27 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2
2014-05-17 12:34 - 2014-05-17 12:29 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SpaceEngineers
2014-05-17 12:12 - 2014-05-17 12:12 - 00000201 _____ () C:\Users\PC\Desktop\Zeno Clash.url
2014-05-17 12:05 - 2014-05-17 12:05 - 00000202 _____ () C:\Users\PC\Desktop\Space Engineers.url
2014-05-17 12:04 - 2014-05-17 12:04 - 00000200 _____ () C:\Users\PC\Desktop\The Ship.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\FEZ.url
2014-05-17 12:03 - 2014-05-17 12:03 - 00000202 _____ () C:\Users\PC\Desktop\Calibre 10 Racing Series.url
2014-05-16 19:52 - 2011-06-02 16:20 - 00000000 ____D () C:\Users\PC\AppData\Local\PMB Files
2014-05-16 19:52 - 2011-06-02 16:20 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-16 18:56 - 2014-05-16 18:56 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-16 18:56 - 2011-04-03 11:32 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-16 18:51 - 2014-05-16 18:51 - 00000201 _____ () C:\Users\PC\Desktop\Anomaly Warzone Earth.url
2014-05-16 18:47 - 2014-05-16 18:44 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Riot Games
2014-05-16 18:46 - 2014-05-16 18:46 - 00001379 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-16 18:32 - 2014-05-16 18:32 - 00000202 _____ () C:\Users\PC\Desktop\Arma 2 DayZ Mod.url
2014-05-16 18:25 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\Documents\ArmA 2
2014-05-16 18:25 - 2014-05-16 18:07 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 18:07 - 2012-10-01 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-05-16 16:08 - 2014-05-16 16:08 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2 Operation Arrowhead.url
2014-05-16 16:07 - 2014-05-16 16:07 - 00000201 _____ () C:\Users\PC\Desktop\Arma 2.url
2014-05-16 16:06 - 2013-04-13 18:36 - 00000429 _____ () C:\Users\PC\Desktop\Steam věci.txt
2014-05-15 21:28 - 2012-11-01 15:05 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-15 21:28 - 2012-11-01 15:05 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-15 20:15 - 2014-05-15 20:15 - 00000201 _____ () C:\Users\PC\Desktop\Arma Cold War Assault.url
2014-05-15 14:10 - 2012-12-17 10:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\TSVNCache
2014-05-15 11:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 10:54 - 2013-06-26 09:24 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Seznam.cz
2014-05-15 10:49 - 2012-11-14 17:15 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2014-05-14 16:08 - 2011-06-09 16:25 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-05-14 16:03 - 2014-04-22 15:02 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-14 16:03 - 2014-04-22 15:02 - 00000000 ____D () C:\Users\Public\Util
2014-05-14 15:45 - 2014-05-14 15:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DropboxMaster
2014-05-14 15:45 - 2012-01-26 19:35 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 15:44 - 2014-01-30 15:11 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-05-14 15:44 - 2013-08-21 13:51 - 00000270 __RSH () C:\Users\PC\ntuser.pol
2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-14 15:41 - 2011-03-26 18:44 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 14:57 - 2014-05-14 14:57 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 14:57 - 2013-09-18 14:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 14:57 - 2012-04-21 09:12 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 14:57 - 2011-08-20 19:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 14:01 - 2014-05-14 14:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 14:01 - 2013-12-23 20:00 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-14 14:01 - 2012-11-14 17:14 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 14:01 - 2012-11-14 17:14 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 14:00 - 2013-08-14 20:08 - 00000270 __RSH () C:\Users\Martin\ntuser.pol
2014-05-14 14:00 - 2012-11-14 17:14 - 00000000 ____D () C:\Users\Martin
2014-05-14 13:58 - 2014-05-06 22:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 12:53 - 2013-08-14 22:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 12:47 - 2011-04-03 11:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 14:22 - 2014-05-13 14:22 - 00002121 _____ () C:\Users\Martin\Downloads\smime (2).p7s
2014-05-12 16:35 - 2014-05-12 16:35 - 00016827 _____ () C:\Users\PC\Desktop\Nový textový dokument (2).txt
2014-05-12 14:06 - 2014-02-08 13:04 - 00000870 _____ () C:\Users\PC\Desktop\BitTorrent.lnk
2014-05-12 14:06 - 2014-02-08 13:04 - 00000850 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-05-11 17:39 - 2014-05-11 17:35 - 00000000 ____D () C:\ProgramData\IconCache
2014-05-11 17:36 - 2014-05-11 17:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-05-11 16:57 - 2014-05-11 16:57 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-05-11 16:57 - 2014-05-11 16:56 - 00000000 ____D () C:\ProgramData\ItsMyApp
2014-05-11 16:56 - 2014-05-11 16:56 - 00000000 ____D () C:\Users\PC\AppData\Local\Packages
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Guest
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-11 16:55 - 2014-05-11 16:55 - 00000000 ____D () C:\Users\Administrator
2014-05-09 16:48 - 2014-05-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Dark Team
2014-05-09 11:27 - 2014-01-17 17:19 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-05-09 11:27 - 2014-01-17 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-09 08:14 - 2014-05-14 12:06 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 12:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 22:05 - 2012-10-26 14:25 - 00000000 ____D () C:\Users\PC\Desktop\MariO
2014-05-08 21:03 - 2014-05-08 21:03 - 00000000 ____D () C:\Program Files (x86)\Vinyl Artist
2014-05-08 13:21 - 2012-02-04 18:21 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 13:20 - 2012-02-04 18:21 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 21:24 - 2014-05-07 21:24 - 00000000 ____D () C:\Users\PC\Documents\Need for Speed World
2014-05-07 21:10 - 2011-03-27 14:25 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA
2014-05-07 21:10 - 2011-03-27 14:25 - 00003518 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core
2014-05-07 19:45 - 2014-05-07 19:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Need for Speed World
2014-05-07 19:38 - 2014-05-07 19:38 - 00000000 ____D () C:\Users\PC\AppData\Local\Electronic_Arts_Inc
2014-05-07 19:37 - 2014-05-07 19:37 - 00000687 _____ () C:\Users\PC\Desktop\Need For Speed World.lnk
2014-05-07 19:00 - 2011-06-20 18:01 - 00000000 ____D () C:\Users\PC\AppData\Local\Windows Live
2014-05-07 18:00 - 2014-05-07 18:00 - 00000201 _____ () C:\Users\PC\Desktop\Hammerfight.url
2014-05-07 16:58 - 2013-09-24 15:39 - 00000000 ____D () C:\Users\PC\AppData\Local\Battle.net
2014-05-06 22:48 - 2014-05-11 18:55 - 01411584 _____ () C:\Users\PC\Desktop\VinylHub.exe
2014-05-06 06:40 - 2014-05-14 12:54 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 12:54 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 12:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 12:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 18:01 - 2014-05-05 18:01 - 00000941 _____ () C:\Users\PC\Desktop\S4 League.lnk
2014-05-05 16:08 - 2014-05-05 16:08 - 00000199 _____ () C:\Users\PC\Desktop\Alien Swarm.url
2014-04-30 20:07 - 2011-03-27 14:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Mozilla
2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Oracle
2014-04-29 16:19 - 2013-10-08 14:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-29 16:17 - 2014-04-29 16:17 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-29 16:17 - 2012-09-14 21:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-29 14:45 - 2013-01-06 17:08 - 00000000 ____D () C:\AllShare Play
2014-04-28 18:18 - 2014-04-28 18:18 - 00001027 _____ () C:\Users\PC\Desktop\dsnbvgjkabvjjvkbfgvirbsejk.txt
2014-04-28 18:17 - 2012-11-05 20:43 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2014-04-25 20:39 - 2012-03-04 15:34 - 00000000 ____D () C:\Users\PC\Documents\My Games
2014-04-25 20:38 - 2014-04-25 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2014-04-25 20:38 - 2011-05-30 20:21 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-25 20:38 - 2011-05-30 20:21 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-25 20:37 - 2011-05-30 20:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-25 13:47 - 2014-04-25 13:47 - 00000000 ____D () C:\Program Files (x86)\MediaBuzzV1
2014-04-24 20:48 - 2011-12-26 11:08 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-24 16:13 - 2014-04-24 16:13 - 00000201 _____ () C:\Users\PC\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
2014-04-24 15:33 - 2014-04-24 15:33 - 00000202 _____ () C:\Users\PC\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-04-24 10:01 - 2014-04-24 10:01 - 33454051 _____ () C:\Users\Martin\Downloads\adriana.wmv
2014-04-23 16:15 - 2014-04-23 16:08 - 00000202 _____ () C:\Users\PC\Desktop\Starbound.url
2014-04-21 21:13 - 2014-04-21 00:01 - 00021217 _____ () C:\Users\PC\Desktop\Den Země 8.odt
2014-04-21 12:55 - 2013-02-24 21:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-20 22:40 - 2014-04-20 22:40 - 00017316 _____ () C:\Users\PC\Desktop\Den Země 2- Stálezelené okrasné keře.odt
2014-04-19 20:24 - 2014-04-19 20:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmt1xm.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 12:07] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 2639 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#15 Příspěvek od **vyosek** » 19 kvě 2014 20:31

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-01-24] (Samsung Electronics)
HKLM-x32\...\Run: [DivXUpdate] => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => D:\quick time\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "D:\cs6 efekty\Acrobat 10.0\Acrobat\Acrotray.exe"
HKLM-x32\...\Run: [YouTube Downloader_Helper] => C:\Program Files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe [1434112 2012-11-06] ()
HKLM-x32\...\Run: [Maurus] => C:\Program Files (x86)\Genius\Maurus\mousehid.exe [300544 2011-11-14] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088 2012-11-01] (VMware, Inc.)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [368640 2007-06-15] ()
HKLM-x32\...\Run: [Babakan] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit)
HKLM-x32\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs [178 2014-04-10] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\.DEFAULT\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-19\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender_298] => "C:\Program Files (x86)\Frag Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-03-27] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [BitTorrent] => C:\Users\PC\AppData\Roaming\BitTorrent\BitTorrent.exe [1242704 2014-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\ZONER PHOTO STUDIO 15 PRO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {0c72e62f-beec-11e2-9360-ac037121bffd} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {144b7b0d-1e52-11e1-a388-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {15628ea2-d2de-11e0-a08f-6c626da95367} - G:\setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {3422cb9c-64ff-11e0-bbc6-6c626da95367} - F:\AUTORUN.EXE
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {4af469b9-dc46-11e0-b910-6c626da95367} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {57a96814-8156-11e1-bcc4-6c626da95367} - G:\Setup.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {7e9790d5-e9c6-11e1-976e-6c626da95367} - H:\Startme.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {8b915dfc-bd4e-11e1-bfc0-6c626da95367} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {9174d511-57c7-11e0-b14b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407a4-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {adb407da-e205-11e1-a6e2-6c626da95367} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {cef6c04b-55d4-11e3-b9b0-87deec21a0e4} - G:\.autorun\autorun.exe
HKU\S-1-5-21-2876342913-1738241564-3004853940-1001\...\MountPoints2: {d216ab17-5dcb-11e0-af16-806e6f6e6963} - E:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://btsearch.name
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {8d492f70-ea37-453e-a0e4-9d709483a4cd} URL = http://btsearch.name/results.php?q={searchTerms}
BHO: save nete - {5B976A35-4DB5-5E82-59B3-7C302B87EE17} - C:\Program Files (x86)\save nete\78V.x64.dll No File
BHO-x32: Media Buzz - {12ecac86-1726-475f-a23c-7fd3add3e6de} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ie\MediaBuzzV1mode3485.dll ()
BHO-x32: Rich Media View - {ca5a84b5-a411-4248-bf6d-0d9b9306257c} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ie\RichMediaViewV1release2525.dll ()
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode3485.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3485\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release2525.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ff [2014-05-14]

CHR Extension: (saint row IV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkhecioimgppakiakbmimkjjdillhda [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [kgoenfkniplliaojbkiplfcglldhbfmm] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2525\ch\RichMediaViewV1release2525.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc

S2 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [X]
S2 d0e87c27; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service

S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S1 dhecwuae; \??\C:\Windows\system32\drivers\dhecwuae.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 fifymkoi; \??\C:\Windows\system32\drivers\fifymkoi.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S1 nrpzggvd; \??\C:\Windows\system32\drivers\nrpzggvd.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

C:\Program Files (x86)\RichMediaViewV1
C:\Program Files (x86)\MediaBuzzV1
2014-05-19 21:16 - 2014-05-19 21:15 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-05-19 21:19 - 2014-05-19 21:20 - 00031855 _____ () C:\Users\PC\Desktop\FRST.txt
2014-05-19 20:45 - 2014-05-19 20:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 20:29 - 2014-05-19 20:48 - 00043907 _____ () C:\zoek-results.log
2014-05-19 20:26 - 2014-05-19 20:47 - 00000000 ____D () C:\zoek_backup
2014-05-19 20:26 - 2014-05-19 20:26 - 01285120 _____ () C:\Users\PC\Desktop\zoek.exe
2014-05-19 19:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 19:50 - 2014-05-19 19:50 - 01326389 _____ () C:\Users\PC\Desktop\adwcleaner_3.210 (1).exe
2014-05-19 17:36 - 2014-05-19 17:36 - 00068979 _____ () C:\Users\PC\Desktop\JRT.txt
2014-05-19 17:31 - 2014-05-19 20:03 - 00000000 ____D () C:\AdwCleaner
2014-05-19 17:30 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 17:29 - 2014-05-19 17:28 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-05-19 16:41 - 2014-05-19 16:41 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:41 - 2014-05-19 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 16:40 - 2014-05-19 17:18 - 00000000 ____D () C:\Users\PC\Desktop\mbar
2014-05-19 16:40 - 2014-05-19 16:40 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 16:39 - 2014-05-19 16:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PC\Desktop\mbar-1.07.0.1009.exe
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\rsit
2014-05-19 16:09 - 2014-05-19 16:09 - 00000000 ____D () C:\Program Files\trend micro

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876342913-1738241564-3004853940-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {05733CB6-75BD-44B5-A5B7-28F38B10FE39} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {074369D3-E7B8-43C4-A17E-818D45B122D7} - \YourFile Update No Task File <==== ATTENTION
Task: {55339F01-6F60-4783-B19E-BC3CBA7AEDCA} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {609B281B-AEEF-4E9F-8C99-C34AF2C02080} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {61D46691-CABD-4F61-AA48-EB0F035E1A2A} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {72CCDAEE-2720-42DC-82F5-AEE5A9FD5A2C} - \DTReg No Task File <==== ATTENTION
Task: {78260C23-8272-4CC5-A383-DC9D1F700D89} - \SW-Booster-S-702149676 No Task File <==== ATTENTION
Task: {EEEB5A41-2872-4F3A-BAB6-C9D9FC819312} - \Express FilesUpdate No Task File <==== ATTENTION

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

100% využití procesoru

100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru

Re: 100% využití procesoru