Logfile of random's system information tool 1.10 (written by random/random)
Run by Maros at 2014-07-17 15:47:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (16%) free of 98 GB
Total RAM: 3407 MB (36% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe" -fa
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 32797152
\??\C:\Windows\system32\conhost.exe "-2047657777-937349682468076657672136900746156109-34807059689911027473295466
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTHidMonitor.exe"
\??\C:\Windows\system32\conhost.exe "7456013012037398756-4883495721080115027-10670526831492321894-2027279946-338983053
"C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll" /prefetch:1
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 3004
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2c02cde5-fc7b-4d69-b27d-d696335b90d2 -SystemEventPortName:HostProcess-ed7425dc-3837-4745-99f6-33b0e86205f4 -IoCancelEventPortName:HostProcess-aac784e6-167d-4476-92c5-0544cff75772 -NonStateChangingEventPortName:HostProcess-ea0aef2f-69d3-4672-9f67-59623523a553 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:55ec2706-d7c2-4740-ba34-622fe60610b4 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe" /c /a /s UserSession
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Cypress\TrackPad\CyCpIo.exe"
"C:\Program Files\Cypress\TrackPad\CyHidWin.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN24CBS14605KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
"C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe"
"C:\Users\Maros\AppData\Local\Viber\Viber.exe" StartMinimized
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="540.0.179737536.nikko1\1465730627" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2455 --ignored=" --type=renderer " /prefetch:822062411
FATrayAlert.exe
"C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe" /CALL
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Maros\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@EDVR/WebClient]
"Description"=EDVR Web Client Plugin
"Path"=C:\windows\system32\WebClient\npwebclient.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nptrademanager.dll
QuickTimePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll [2014-06-26 917344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA5BCE70-D057-4D63-943D-5F3927EC59F1}]
Face recognition web login for FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2011-08-19 758256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}]
Simple New Tab Bho - C:\Users\Maros\AppData\Local\simple_new_tab\simple_new_tab.dll [2014-01-11 213504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll [2014-06-26 654688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL [2014-02-21 392344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}]
ZoneAlarm Do Not Track - C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPAddon.dll [2012-12-13 472592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}]
TheSea.TheSeaPlugin - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA5BCE70-D057-4D63-943D-5F3927EC59F1}]
Face recognition web login for FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2011-08-19 593904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02 2215240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll [2014-06-26 917344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll [2014-06-26 654688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CyCpIo"=C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2012-05-03 2429440]
"CyHidWin"=C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2012-05-03 2371584]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-03-30 6469736]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-03-09 1158248]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-27 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-27 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-27 416024]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-03-15 178960]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-03-27 11407120]
"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2012-04-17 4756240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"=C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"DellSystemDetect"=C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [2014-04-10 258160]
"Viber"=C:\Users\Maros\AppData\Local\Viber\Viber.exe [2014-03-05 936456]
"GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-06-05 860488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr]
C:\Users\Maros\AppData\Roaming\DataMgr\DataMgr.exe [2014-01-23 168824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2012-03-06 577024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FA755F6B55011644A04BC010584FBC50732A62A4._service_run]
C:\Users\Maros\AppData\Local\Google\Chrome\Application\chrome.exe --type=service []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FATrayAlert]
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [2011-08-19 96240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBox Price Watch]
C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe /tray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid]
C:\Users\Maros\AppData\Local\iLivid\iLivid.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate]
C:\Users\Maros\AppData\Roaming\Intermediate\Intermediate.exe [2013-12-09 37376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2012-06-08 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install]
C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-03-20 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck]
C:\Users\Maros\AppData\Roaming\SCheck\SCheck.exe [2013-12-09 37376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer]
C:\Users\Maros\AppData\Roaming\Snz\Snz.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync]
C:\Users\Maros\AppData\Roaming\SSync\SSync.exe [2013-12-09 37376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-06-24 6564120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncios device service]
C:\Program Files (x86)\Syncios\SynciosDeviceService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Maros\AppData\Local\Viber\Viber.exe [2014-03-05 936456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate]
C:\Users\Maros\ZNHCL\PDBLD.vbs [2013-07-31 1407300]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-06-16 833024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-06-16 833024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"FLxHCIm64"=C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [2013-08-29 183808]
"FAStartup"= []
"FATrayAlert"=C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [2011-08-19 96240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-07-20 390144]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
FAPassSync
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-17 15:47:09 ----D---- C:\rsit
2014-07-17 15:47:09 ----D---- C:\Program Files\trend micro
2014-07-17 15:25:06 ----SHD---- C:\$RECYCLE.BIN
2014-07-17 15:23:45 ----D---- C:\Windows\pss
2014-07-16 08:12:03 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-07-10 16:27:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-10 16:27:46 ----A---- C:\Windows\system32\iernonce.dll
2014-07-10 16:27:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-10 16:27:45 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-10 16:27:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-10 16:27:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-10 16:27:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-10 16:27:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-10 16:27:43 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-10 16:27:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-10 16:27:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-10 16:27:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 16:27:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-10 16:27:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-10 16:27:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-10 16:27:39 ----A---- C:\Windows\system32\urlmon.dll
2014-07-10 16:27:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-10 16:27:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 16:27:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-10 16:27:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-10 16:27:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-10 16:27:36 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-10 16:27:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-10 16:27:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-10 16:27:35 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-10 16:27:34 ----A---- C:\Windows\system32\iesetup.dll
2014-07-10 16:27:34 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-10 16:27:33 ----A---- C:\Windows\system32\iertutil.dll
2014-07-10 16:27:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-10 16:27:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-10 16:27:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-10 16:27:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-10 16:27:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-10 16:27:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-10 16:27:31 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-10 16:27:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-10 16:27:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-10 16:27:28 ----A---- C:\Windows\system32\ieui.dll
2014-07-10 16:27:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-10 16:27:27 ----A---- C:\Windows\system32\ieframe.dll
2014-07-10 16:27:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-10 16:27:26 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-10 16:27:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-10 16:27:25 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-10 16:27:25 ----A---- C:\Windows\system32\jscript9.dll
2014-07-10 16:27:24 ----A---- C:\Windows\system32\wininet.dll
2014-07-10 16:27:24 ----A---- C:\Windows\system32\vbscript.dll
2014-07-10 16:27:24 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-10 16:27:23 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-10 16:27:22 ----A---- C:\Windows\system32\msrating.dll
2014-07-10 16:27:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 16:27:21 ----A---- C:\Windows\system32\mshtml.dll
2014-07-10 16:22:47 ----A---- C:\Windows\system32\aepdu.dll
2014-07-10 16:22:44 ----A---- C:\Windows\system32\aeinv.dll
2014-07-10 16:22:39 ----A---- C:\Windows\system32\win32k.sys
2014-07-10 16:22:36 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-10 16:22:36 ----A---- C:\Windows\system32\osk.exe
2014-07-10 16:13:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-10 16:13:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-10 16:13:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-10 15:45:15 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-10 15:45:15 ----A---- C:\Windows\system32\qedit.dll
2014-07-10 15:44:59 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-10 15:44:39 ----A---- C:\Windows\system32\schannel.dll
2014-07-10 15:44:38 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-10 15:44:37 ----A---- C:\Windows\system32\kerberos.dll
2014-07-10 15:44:36 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-10 15:44:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-10 15:44:35 ----A---- C:\Windows\system32\wdigest.dll
2014-07-10 15:44:35 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-10 15:44:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-10 15:44:34 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-10 15:44:33 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-10 15:44:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-10 15:44:31 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-10 15:44:30 ----A---- C:\Windows\system32\credssp.dll
2014-07-10 15:44:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-06-21 12:04:56 ----D---- C:\Program Files\iPod
2014-06-21 12:04:53 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 12:04:52 ----D---- C:\Program Files\iTunes
2014-06-18 13:19:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-07-17 15:47:09 ----RD---- C:\Program Files
2014-07-17 15:30:01 ----HD---- C:\Windows\system32\WLANProfiles
2014-07-17 15:29:44 ----D---- C:\Windows\temp
2014-07-17 15:28:55 ----D---- C:\Windows\System32
2014-07-17 15:28:55 ----D---- C:\Windows\inf
2014-07-17 15:28:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-17 15:26:49 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-17 15:25:13 ----D---- C:\Users\Maros\AppData\Roaming\ViberPC
2014-07-17 15:24:33 ----SHD---- C:\System Volume Information
2014-07-17 15:24:05 ----D---- C:\Windows\system32\config
2014-07-17 15:23:45 ----D---- C:\Windows
2014-07-17 15:10:21 ----D---- C:\Users\Maros\AppData\Roaming\Skype
2014-07-17 15:06:10 ----D---- C:\Qoobox
2014-07-17 13:37:36 ----D---- C:\Windows\system32\Tasks
2014-07-17 13:32:12 ----D---- C:\Windows\system32\drivers\N360x64
2014-07-16 08:31:51 ----D---- C:\Windows\SysWOW64
2014-07-16 08:31:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-16 08:12:45 ----D---- C:\ProgramData\Oracle
2014-07-16 08:12:05 ----SHD---- C:\Windows\Installer
2014-07-16 08:12:04 ----D---- C:\Program Files (x86)\Common Files
2014-07-16 08:11:45 ----D---- C:\Program Files (x86)\Java
2014-07-14 17:47:06 ----RD---- C:\Program Files (x86)\Skype
2014-07-14 17:47:04 ----D---- C:\ProgramData\Skype
2014-07-11 03:02:05 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-07-11 02:55:32 ----A---- C:\Windows\SYSWOW64\java.exe
2014-07-11 00:45:52 ----D---- C:\Windows\winsxs
2014-07-11 00:44:35 ----D---- C:\Program Files\Windows Journal
2014-07-11 00:44:34 ----SD---- C:\Windows\system32\CompatTel
2014-07-11 00:44:33 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-11 00:44:32 ----D---- C:\Windows\system32\Dism
2014-07-11 00:44:30 ----D---- C:\Windows\ehome
2014-07-11 00:44:29 ----D---- C:\Windows\system32\en-US
2014-07-11 00:44:29 ----D---- C:\Windows\system32\drivers
2014-07-11 00:44:28 ----D---- C:\Program Files\Internet Explorer
2014-07-11 00:44:27 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-11 00:44:25 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-11 00:37:29 ----D---- C:\ProgramData\Microsoft Help
2014-07-11 00:34:48 ----D---- C:\Windows\system32\MRT
2014-07-11 00:32:07 ----A---- C:\Windows\system32\MRT.exe
2014-07-10 16:13:13 ----D---- C:\Windows\system32\catroot2
2014-07-10 16:13:13 ----D---- C:\Windows\system32\catroot
2014-07-10 03:44:36 ----D---- C:\Windows\system32\NDF
2014-06-30 19:12:04 ----D---- C:\Users\Maros\AppData\Roaming\Fifth
2014-06-24 19:17:11 ----D---- C:\Program Files\SUPERAntiSpyware
2014-06-24 11:33:36 ----RD---- C:\Program Files (x86)
2014-06-21 12:05:23 ----D---- C:\Program Files (x86)\iTunes
2014-06-21 12:04:53 ----D---- C:\ProgramData
2014-06-19 10:39:27 ----D---- C:\Windows\rescache
2014-06-19 09:48:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-05-20 557848]
R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2014-06-23 358616]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [2014-03-04 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [2014-05-10 1530160]
R1 ccSet_N360;N360 Settings Manager; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [2013-09-26 162392]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-06-11 486192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140715.001\IDSvia64.sys [2014-03-26 525016]
R1 RapportCerberus_69108;RapportCerberus_69108; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69108.sys [2014-06-30 631128]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-06-23 299736]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-06-23 414296]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [2014-02-13 875736]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [2014-02-18 593112]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-06-05 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-06-08 72216]
R3 acpials;ALS Sensor Filter; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-01 195584]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-08-20 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
R3 cyhid;Cypress Input Device; C:\Windows\system32\DRIVERS\cyhid.sys [2012-05-04 125440]
R3 cykbfltrService;Cypress Keyboard Filter Driver; C:\Windows\system32\DRIVERS\cykbfltr.sys [2012-05-04 14336]
R3 cymfltrService;Cypress Trackpad Filter Driver; C:\Windows\system32\DRIVERS\cymfltr.sys [2012-05-04 88576]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-06-11 142128]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2013-08-29 250024]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2013-08-29 77480]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-20 12287456]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2011-11-10 25024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-04-11 4021736]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver; C:\Windows\system32\DRIVERS\irstrtdv.sys [2011-06-16 26504]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-01-19 46568]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-09-08 25496]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-06-08 11552]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140716.024\ENG64.SYS [2014-06-20 126040]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140716.024\EX64.SYS [2014-06-20 2099288]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-03-12 11471872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-11-14 177752]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-01 195584]
S3 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter; C:\Windows\system32\DRIVERS\ax88178.sys [2009-10-02 56320]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 FACAP;facap, FastAccess Video Capture; C:\Windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-09-08 34200]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2013-07-25 23040]
S3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-10-10 144152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-01 659976]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-03-27 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-03-27 1104208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-03-08 135952]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-04-17 626960]
R2 FAService;FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2011-08-19 2451440]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2011-07-07 184320]
R2 ISCTAgent;ISCT Always Updated Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2011-11-10 121856]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-09-28 212944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-04-29 376144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-19 325912]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [2014-06-27 265040]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-06-23 1886488]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-04-17 148752]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2011-05-18 199272]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-19 2594584]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-03-27 1304912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-16 262320]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-04-17 273168]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-12-15 14848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-01 1255736]
S4 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-08-02 173056]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2014-04-29 226640]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-06-08 407424]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu zpomalený pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosim o kontrolu zpomalený pc
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu zpomalený pc
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:03:21
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\user.js
File Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk
File Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\om@offermosquito.com.xpi
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Babylon.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\speedanalysis.ico
File Found : C:\Users\Maros\daemonprocess.txt
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Fifth
File Found : C:\Windows\System32\Tasks\Funmoods
File Found : C:\Windows\System32\Tasks\OMESupervisor
File Found : C:\Windows\SysWOW64\RegistryHelperLM.ocx
Folder Found : C:\Program Files (x86)\File Type Assistant
Folder Found : C:\Program Files (x86)\Gophoto.it
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\ilividmoviestoolbarha
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\ilividmoviestoolbarha
Folder Found : C:\Users\Maros\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\Maros\AppData\Local\Conduit
Folder Found : C:\Users\Maros\AppData\Local\ext_offermosquito
Folder Found : C:\Users\Maros\AppData\Local\FileTypeAssistant
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Found : C:\Users\Maros\AppData\Local\iac
Folder Found : C:\Users\Maros\AppData\Local\simple_new_tab
Folder Found : C:\Users\Maros\AppData\Local\Slick Savings
Folder Found : C:\Users\Maros\AppData\Local\Supreme Savings
Folder Found : C:\Users\Maros\AppData\LocalLow\ilividmoviestoolbarha
Folder Found : C:\Users\Maros\AppData\Roaming\1H1Q
Folder Found : C:\Users\Maros\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Found : C:\Users\Maros\AppData\Roaming\Common\LuaRT
Folder Found : C:\Users\Maros\AppData\Roaming\Fifth
Folder Found : C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Found : C:\Users\Maros\AppData\Roaming\Nico Mak Computing
Folder Found : C:\Users\Maros\AppData\Roaming\OfferMosquito
Folder Found : C:\Users\Maros\AppData\Roaming\SeeSimilar02
Folder Found : C:\Users\Maros\AppData\Roaming\Snz
Folder Found : C:\Users\Maros\AppData\Roaming\Windows Net Data
Folder Found : C:\Users\Maros\Documents\PC Health Kit
Folder Found : C:\Users\wangjihua\AppData\Local\Mobogenie
Folder Found : C:\Users\wangzhisong\AppData\Local\Mobogenie
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk ( -url hxxp://www2.delta-search.com/?babsrc=DT_ss&mntrId=3AFD00FF022FAA6F&affID=119649&tt=160913_m2&tsp=5013 -wbr 4 )
***** [ Registry ] *****
Key Found : HKCU\Software\5857888db53cec44
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Key Found : HKCU\Software\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\OfferMosquito
Key Found : HKCU\Software\Protector
Key Found : [x64] HKCU\Software\OfferMosquito
Key Found : [x64] HKCU\Software\Protector
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5857888db53cec44
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : hokjjpjfnfjanfhjfchcpnhndokopmlh
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : kbemlhjodpfopddibpbppifmogphpmil
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Found [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22555 octets] - [20/07/2014 11:03:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22616 octets] ##########
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:12:59
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Maros\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Maros\AppData\Local\Conduit
Folder Deleted : C:\Users\Maros\AppData\Local\ext_offermosquito
Folder Deleted : C:\Users\Maros\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
Folder Deleted : C:\Users\Maros\AppData\Local\iac
Folder Deleted : C:\Users\Maros\AppData\Local\simple_new_tab
Folder Deleted : C:\Users\Maros\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Maros\AppData\Local\Supreme Savings
Folder Deleted : C:\Users\Maros\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\Maros\AppData\Roaming\1H1Q
Folder Deleted : C:\Users\Maros\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Maros\AppData\Roaming\Common\LuaRT
Folder Deleted : C:\Users\Maros\AppData\Roaming\Fifth
Folder Deleted : C:\Users\Maros\AppData\Roaming\Nico Mak Computing
Folder Deleted : C:\Users\Maros\AppData\Roaming\OfferMosquito
Folder Deleted : C:\Users\Maros\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\Maros\AppData\Roaming\Snz
Folder Deleted : C:\Users\Maros\AppData\Roaming\Windows Net Data
Folder Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Maros\Documents\PC Health Kit
Folder Deleted : C:\Users\wangjihua\AppData\Local\Mobogenie
Folder Deleted : C:\Users\wangzhisong\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\om@offermosquito.com.xpi
File Deleted : C:\Windows\SysWOW64\RegistryHelperLM.ocx
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Maros\daemonprocess.txt
File Deleted : C:\Users\Maros\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
File Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\user.js
File Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\user.js
File Deleted : C:\Windows\System32\Tasks\Fifth
File Deleted : C:\Windows\System32\Tasks\Funmoods
File Deleted : C:\Windows\System32\Tasks\OMESupervisor
***** [ Shortcuts ] *****
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Maros on 20/07/2014 at 10:45:01.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsshow
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\supreme savings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstallerstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstallerstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2504091
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3286379
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3295549
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0181819E-19D7-4938-A59E-6053C7E351F4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0F455631-7A3F-44D6-B281-00D7FC381434}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4F36CD2D-F86C-4990-8E79-39AC77B8BBC1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7D6013D7-B7B6-F36E-448B-05761EA55098}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}
~~~ Files
Successfully deleted: [File] "C:\Users\Maros\appdata\local\mysearchdial_speedial_v9.0.2.crx"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\intermediate"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\scheck"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\speedanalysis3"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\ssync"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\xvidly"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\bonanzadeals"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\mobogenie"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\webconnect"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Maros\appdata\local\{91DE433E-1954-4960-8828-ECBFBBF3E42F}
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\user.js
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted the following from C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\prefs.js
user_pref("browser.search.defaulturl", "hxxp://native-search.com/search.php?channel=eng&q=");
user_pref("simplenewtab.url", "hxxp://native-search.com/?channel=eng_nt");
Emptied folder: C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\minidumps [29 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/07/2014 at 10:59:35.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\user.js
File Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk
File Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\om@offermosquito.com.xpi
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Babylon.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\user.js
File Found : C:\Users\Maros\AppData\Roaming\speedanalysis.ico
File Found : C:\Users\Maros\daemonprocess.txt
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Fifth
File Found : C:\Windows\System32\Tasks\Funmoods
File Found : C:\Windows\System32\Tasks\OMESupervisor
File Found : C:\Windows\SysWOW64\RegistryHelperLM.ocx
Folder Found : C:\Program Files (x86)\File Type Assistant
Folder Found : C:\Program Files (x86)\Gophoto.it
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\ilividmoviestoolbarha
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\ilividmoviestoolbarha
Folder Found : C:\Users\Maros\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\Maros\AppData\Local\Conduit
Folder Found : C:\Users\Maros\AppData\Local\ext_offermosquito
Folder Found : C:\Users\Maros\AppData\Local\FileTypeAssistant
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Found : C:\Users\Maros\AppData\Local\iac
Folder Found : C:\Users\Maros\AppData\Local\simple_new_tab
Folder Found : C:\Users\Maros\AppData\Local\Slick Savings
Folder Found : C:\Users\Maros\AppData\Local\Supreme Savings
Folder Found : C:\Users\Maros\AppData\LocalLow\ilividmoviestoolbarha
Folder Found : C:\Users\Maros\AppData\Roaming\1H1Q
Folder Found : C:\Users\Maros\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Found : C:\Users\Maros\AppData\Roaming\Common\LuaRT
Folder Found : C:\Users\Maros\AppData\Roaming\Fifth
Folder Found : C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Found : C:\Users\Maros\AppData\Roaming\Nico Mak Computing
Folder Found : C:\Users\Maros\AppData\Roaming\OfferMosquito
Folder Found : C:\Users\Maros\AppData\Roaming\SeeSimilar02
Folder Found : C:\Users\Maros\AppData\Roaming\Snz
Folder Found : C:\Users\Maros\AppData\Roaming\Windows Net Data
Folder Found : C:\Users\Maros\Documents\PC Health Kit
Folder Found : C:\Users\wangjihua\AppData\Local\Mobogenie
Folder Found : C:\Users\wangzhisong\AppData\Local\Mobogenie
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk ( -url hxxp://www2.delta-search.com/?babsrc=DT_ss&mntrId=3AFD00FF022FAA6F&affID=119649&tt=160913_m2&tsp=5013 -wbr 4 )
***** [ Registry ] *****
Key Found : HKCU\Software\5857888db53cec44
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Key Found : HKCU\Software\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\OfferMosquito
Key Found : HKCU\Software\Protector
Key Found : [x64] HKCU\Software\OfferMosquito
Key Found : [x64] HKCU\Software\Protector
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5857888db53cec44
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : hokjjpjfnfjanfhjfchcpnhndokopmlh
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : kbemlhjodpfopddibpbppifmogphpmil
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Found [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22555 octets] - [20/07/2014 11:03:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22616 octets] ##########
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:12:59
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Maros\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Maros\AppData\Local\Conduit
Folder Deleted : C:\Users\Maros\AppData\Local\ext_offermosquito
Folder Deleted : C:\Users\Maros\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
Folder Deleted : C:\Users\Maros\AppData\Local\iac
Folder Deleted : C:\Users\Maros\AppData\Local\simple_new_tab
Folder Deleted : C:\Users\Maros\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Maros\AppData\Local\Supreme Savings
Folder Deleted : C:\Users\Maros\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\Maros\AppData\Roaming\1H1Q
Folder Deleted : C:\Users\Maros\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Maros\AppData\Roaming\Common\LuaRT
Folder Deleted : C:\Users\Maros\AppData\Roaming\Fifth
Folder Deleted : C:\Users\Maros\AppData\Roaming\Nico Mak Computing
Folder Deleted : C:\Users\Maros\AppData\Roaming\OfferMosquito
Folder Deleted : C:\Users\Maros\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\Maros\AppData\Roaming\Snz
Folder Deleted : C:\Users\Maros\AppData\Roaming\Windows Net Data
Folder Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Maros\Documents\PC Health Kit
Folder Deleted : C:\Users\wangjihua\AppData\Local\Mobogenie
Folder Deleted : C:\Users\wangzhisong\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\om@offermosquito.com.xpi
File Deleted : C:\Windows\SysWOW64\RegistryHelperLM.ocx
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Maros\daemonprocess.txt
File Deleted : C:\Users\Maros\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\xVidly.lnk
File Deleted : C:\Users\Maros\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Search.lnk
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\user.js
File Deleted : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\user.js
File Deleted : C:\Windows\System32\Tasks\Fifth
File Deleted : C:\Windows\System32\Tasks\Funmoods
File Deleted : C:\Windows\System32\Tasks\OMESupervisor
***** [ Shortcuts ] *****
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Maros on 20/07/2014 at 10:45:01.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsshow
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadealslive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\supreme savings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstallerstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstallerstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2504091
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3286379
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3295549
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_able2extract_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0181819E-19D7-4938-A59E-6053C7E351F4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0F455631-7A3F-44D6-B281-00D7FC381434}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4F36CD2D-F86C-4990-8E79-39AC77B8BBC1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7D6013D7-B7B6-F36E-448B-05761EA55098}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}
~~~ Files
Successfully deleted: [File] "C:\Users\Maros\appdata\local\mysearchdial_speedial_v9.0.2.crx"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\intermediate"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\scheck"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\speedanalysis3"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\ssync"
Successfully deleted: [Folder] "C:\Users\Maros\AppData\Roaming\xvidly"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Maros\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\bonanzadeals"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\mobogenie"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\webconnect"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Maros\appdata\local\{91DE433E-1954-4960-8828-ECBFBBF3E42F}
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\user.js
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted the following from C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\prefs.js
user_pref("browser.search.defaulturl", "hxxp://native-search.com/search.php?channel=eng&q=");
user_pref("simplenewtab.url", "hxxp://native-search.com/?channel=eng_nt");
Emptied folder: C:\Users\Maros\AppData\Roaming\mozilla\firefox\profiles\5x2eq0fo.default\minidumps [29 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Folder] C:\Users\Maros\appdata\local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/07/2014 at 10:59:35.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: prosim o kontrolu zpomalený pc
adwcleaner mi hodil chybu nerestartoval ,provedl jsem další scan ten už proběhl v pořádku i restart
proto posílám ještě druhý scan
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:14:01
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\5857888db53cec44
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\OfferMosquito
Key Found : HKCU\Software\Protector
Key Found : [x64] HKCU\Software\OfferMosquito
Key Found : [x64] HKCU\Software\Protector
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5857888db53cec44
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Found [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Found [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22929 octets] - [20/07/2014 11:03:21]
AdwCleaner[R1].txt - [16585 octets] - [20/07/2014 11:14:01]
AdwCleaner[S0].txt - [6323 octets] - [20/07/2014 11:12:59]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [16706 octets] ##########
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:18:38
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKCU\Software\5857888db53cec44
Key Deleted : HKLM\SOFTWARE\5857888db53cec44
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\OfferMosquito
Key Deleted : HKCU\Software\Protector
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Deleted [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22929 octets] - [20/07/2014 11:03:21]
AdwCleaner[R1].txt - [17019 octets] - [20/07/2014 11:14:01]
AdwCleaner[S0].txt - [6323 octets] - [20/07/2014 11:12:59]
AdwCleaner[S1].txt - [16788 octets] - [20/07/2014 11:18:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [16849 octets] ##########
proto posílám ještě druhý scan
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:14:01
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\5857888db53cec44
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\OfferMosquito
Key Found : HKCU\Software\Protector
Key Found : [x64] HKCU\Software\OfferMosquito
Key Found : [x64] HKCU\Software\Protector
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5857888db53cec44
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Found [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Found [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22929 octets] - [20/07/2014 11:03:21]
AdwCleaner[R1].txt - [16585 octets] - [20/07/2014 11:14:01]
AdwCleaner[S0].txt - [6323 octets] - [20/07/2014 11:12:59]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [16706 octets] ##########
# AdwCleaner v3.216 - Report created 20/07/2014 at 11:18:38
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maros - XPS1
# Running from : C:\Users\Maros\Desktop\adwcleaner_3.216.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatebomlabio_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKCU\Software\5857888db53cec44
Key Deleted : HKLM\SOFTWARE\5857888db53cec44
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\OfferMosquito
Key Deleted : HKCU\Software\Protector
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (en-GB)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js ]
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Deleted [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=srf0301&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0SyBzytCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=800209961&ir=
Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[ File : C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3286379&SearchSource=48&CUI=UN28310686502618631&UM=2
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [22929 octets] - [20/07/2014 11:03:21]
AdwCleaner[R1].txt - [17019 octets] - [20/07/2014 11:14:01]
AdwCleaner[S0].txt - [6323 octets] - [20/07/2014 11:12:59]
AdwCleaner[S1].txt - [16788 octets] - [20/07/2014 11:18:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [16849 octets] ##########
Re: prosim o kontrolu zpomalený pc
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu zpomalený pc
Zoek.exe v5.0.0.0 Updated 19-07-2014
Tool run by Maros on 21/07/2014 at 4:44:42.60.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maros\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
21/07/2014 04:46:30 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Internet Explorer\SearchScopes\{BECF2EB7-5AB0-44E0-BF2E-DD8EE33904CD} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js:
user_pref("keyword.URL", "");
Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js:
user_pref("keyword.URL", "");
Added to C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js:
user_pref("browser.search.defaultenginename", "Search");
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js:
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js:
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
==== Deleting Files \ Folders ======================
C:\Users\Maros\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\xvidly.exe deleted
C:\Users\Maros\AppData\Roaming\Common deleted
C:\Users\Maros\AppData\Local\CRE deleted
C:\Users\Maros\AppData\Local\avgchrome deleted
C:\Users\Maros\AppData\Local\cache deleted
C:\Users\Maros\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted
C:\Users\Maros\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\wangjihua deleted
C:\Users\wangzhisong deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\extensions\staged deleted
C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\extensions\staged deleted
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\extensions\staged deleted
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\extensions\staged deleted
C:\Users\Maros\Firefox Setup 21.0.exe deleted
C:\Users\Maros\setup.exe deleted
"C:\Windows\Installer\228586.msi" deleted
"C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\extensions\ytd@mybrowserbar.com" deleted
"C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\extensions\ytd@mybrowserbar.com" deleted
"C:\Users\Maros\AppData\Roaming\Petogu" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF" [17/11/2013 17:45]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
- Simple New Tab - %ProfilePath%\extensions\snt@dotlabs.co.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
10706E749453AC3D2B3A1F9B4F03C8BF - C:\windows\SysWoW64\WebClient\npwebclient.dll - DVR Client
C47AC87A8E29E0E51917F5AD99688D84 - C:\Users\Maros\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll - alibaba setup one click
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hokjjpjfnfjanfhjfchcpnhndokopmlh - C:\Users\Maros\AppData\Local\CRE\hokjjpjfnfjanfhjfchcpnhndokopmlh.crx[]
kbemlhjodpfopddibpbppifmogphpmil - C:\Users\Maros\AppData\Local\CRE\kbemlhjodpfopddibpbppifmogphpmil.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx[26/06/2014 11:22]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
hokjjpjfnfjanfhjfchcpnhndokopmlh - C:\Users\Maros\AppData\Local\CRE\hokjjpjfnfjanfhjfchcpnhndokopmlh.crx[]
kbemlhjodpfopddibpbppifmogphpmil - C:\Users\Maros\AppData\Local\CRE\kbemlhjodpfopddibpbppifmogphpmil.crx[]
Norton Identity Protection - Gladee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Skype Click to Call - Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
==== Chrome Fix ======================
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FA755F6B55011644A04BC010584FBC50732A62A4._service_run deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBox Price Watch deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncios device service deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gladee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gladee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66T4F99F will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPAQ51XX will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9Q186C8 will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X44PDEMX will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1zpp6nxe.default\Cache emptied successfully
C:\Users\Gladee\AppData\Local\Mozilla\Firefox\Profiles\xf6adhkb.default\Cache emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\5x2eq0fo.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=152 folders=48 38775808 bytes)
==== Empty Temp Folders ======================
C:\Users\Admin\AppData\Local\temp emptied successfully
C:\Users\Dealer\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gladee\AppData\Local\temp emptied successfully
C:\Users\LogMeInRemoteUser\AppData\Local\temp emptied successfully
C:\Users\Maros\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\user\AppData\Local\temp emptied successfully
C:\Users\wangjihua\AppData\Local\temp emptied successfully
C:\Users\wangzhisong\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Maros\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66T4F99F" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPAQ51XX" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9Q186C8" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X44PDEMX" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 21/07/2014 at 5:43:10.71 ======================
Tool run by Maros on 21/07/2014 at 4:44:42.60.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maros\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
21/07/2014 04:46:30 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Internet Explorer\SearchScopes\{BECF2EB7-5AB0-44E0-BF2E-DD8EE33904CD} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js:
user_pref("keyword.URL", "");
Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js:
user_pref("keyword.URL", "");
Added to C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js:
user_pref("browser.search.defaultenginename", "Search");
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js:
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js:
Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_072014_0524_.backup
==== Deleting Files \ Folders ======================
C:\Users\Maros\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\xvidly.exe deleted
C:\Users\Maros\AppData\Roaming\Common deleted
C:\Users\Maros\AppData\Local\CRE deleted
C:\Users\Maros\AppData\Local\avgchrome deleted
C:\Users\Maros\AppData\Local\cache deleted
C:\Users\Maros\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted
C:\Users\Maros\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\wangjihua deleted
C:\Users\wangzhisong deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zpp6nxe.default\extensions\staged deleted
C:\Users\Gladee\AppData\Roaming\Mozilla\Firefox\Profiles\xf6adhkb.default\extensions\staged deleted
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\extensions\staged deleted
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\extensions\staged deleted
C:\Users\Maros\Firefox Setup 21.0.exe deleted
C:\Users\Maros\setup.exe deleted
"C:\Windows\Installer\228586.msi" deleted
"C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\94t0xhkd.default\extensions\ytd@mybrowserbar.com" deleted
"C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\fxgqqmpz.default\extensions\ytd@mybrowserbar.com" deleted
"C:\Users\Maros\AppData\Roaming\Petogu" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF" [17/11/2013 17:45]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
- Simple New Tab - %ProfilePath%\extensions\snt@dotlabs.co.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
10706E749453AC3D2B3A1F9B4F03C8BF - C:\windows\SysWoW64\WebClient\npwebclient.dll - DVR Client
C47AC87A8E29E0E51917F5AD99688D84 - C:\Users\Maros\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll - alibaba setup one click
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hokjjpjfnfjanfhjfchcpnhndokopmlh - C:\Users\Maros\AppData\Local\CRE\hokjjpjfnfjanfhjfchcpnhndokopmlh.crx[]
kbemlhjodpfopddibpbppifmogphpmil - C:\Users\Maros\AppData\Local\CRE\kbemlhjodpfopddibpbppifmogphpmil.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx[26/06/2014 11:22]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
hokjjpjfnfjanfhjfchcpnhndokopmlh - C:\Users\Maros\AppData\Local\CRE\hokjjpjfnfjanfhjfchcpnhndokopmlh.crx[]
kbemlhjodpfopddibpbppifmogphpmil - C:\Users\Maros\AppData\Local\CRE\kbemlhjodpfopddibpbppifmogphpmil.crx[]
Norton Identity Protection - Gladee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Skype Click to Call - Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
==== Chrome Fix ======================
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hokjjpjfnfjanfhjfchcpnhndokopmlh deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kbemlhjodpfopddibpbppifmogphpmil deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FA755F6B55011644A04BC010584FBC50732A62A4._service_run deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBox Price Watch deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncios device service deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gladee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gladee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66T4F99F will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPAQ51XX will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9Q186C8 will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X44PDEMX will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\1zpp6nxe.default\Cache emptied successfully
C:\Users\Gladee\AppData\Local\Mozilla\Firefox\Profiles\xf6adhkb.default\Cache emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\5x2eq0fo.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Gladee\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=152 folders=48 38775808 bytes)
==== Empty Temp Folders ======================
C:\Users\Admin\AppData\Local\temp emptied successfully
C:\Users\Dealer\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gladee\AppData\Local\temp emptied successfully
C:\Users\LogMeInRemoteUser\AppData\Local\temp emptied successfully
C:\Users\Maros\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\user\AppData\Local\temp emptied successfully
C:\Users\wangjihua\AppData\Local\temp emptied successfully
C:\Users\wangzhisong\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Maros\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66T4F99F" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPAQ51XX" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9Q186C8" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X44PDEMX" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 21/07/2014 at 5:43:10.71 ======================
Re: prosim o kontrolu zpomalený pc
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu zpomalený pc
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Maros (administrator) on XPS1 on 22-07-2014 15:40:30
Running from C:\Users\Maros\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
(Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Dell) C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Users\Maros\AppData\Local\Viber\Viber.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Google\Update\Install\{FAAD12BD-F45E-4020-9821-A7EFD773FF99}\36.0.1985.125_35.0.1916.153_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_D8CC2.tmp\setup.exe
(forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CyCpIo] => C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2429440 2012-05-03] (Cypress Semiconductor Corporation)
HKLM\...\Run: [CyHidWin] => C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2371584 2012-05-03] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4756240 2012-04-17] (Intel(R) Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [183808 2013-08-29] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [DellSystemDetect] => C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.000 (the data entry has 40 more characters).
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Viber] => C:\Users\Maros\AppData\Local\Viber\Viber.exe [936456 2014-03-05] ()
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0181819E-19D7-4938-A59E-6053C7E351F4 URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A2E2F866-E02B-4381-891A-E24F2BEBBF17} URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0181819E-19D7-4938-A59E-6053C7E351F4 URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - {10D53038-159E-65B7-F466-1BD03776B6C4} URL =
SearchScopes: HKCU - DefaultScope 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://92.27.47.235:82/WebClient.exe
DPF: HKLM-x32 {DD01C8CA-5DA0-4B01-9603-B7194E561D32} http://192.168.152.82/rel/webViewer.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.100.10.253 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @EDVR/WebClient - C:\windows\system32\WebClient\npwebclient.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Maros\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} - C:\Users\Maros\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Simple New Tab - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\snt@dotlabs.co.xpi [2013-11-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2012-08-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-17]
Chrome:
=======
CHR DefaultSearchKeyword: google.co.id
CHR Extension: (Norton Identity Protection) - C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-08-02] (Dell Products, LP.) [File not signed]
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2451440 2011-08-19] (Sensible Vision ) [File not signed]
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [121856 2011-11-10] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-04-29] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-04-29] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-06-08] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1886488 2014-07-10] (Trusteer Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [56320 2009-10-02] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [125440 2012-05-04] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [14336 2012-05-04] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [88576 2012-05-04] (Cypress Semiconductor, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77480 2013-08-29] (Fresco Logic)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140721.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25024 2011-11-10] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-05] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\ENG64.SYS [126040 2014-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\EX64.SYS [2099288 2014-06-20] (Symantec Corporation)
R1 RapportCerberus_69875; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys [631128 2014-07-22] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [299736 2014-07-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [358616 2014-07-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [414296 2014-07-10] (Trusteer Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:40 - 2014-07-22 15:40 - 00000000 ____D () C:\FRST
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-22 15:31 - 2014-07-22 15:32 - 02090496 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 05:41 - 2014-07-21 04:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:46 - 2014-07-21 05:43 - 00021255 _____ () C:\zoek-results.log
2014-07-21 04:44 - 2014-07-21 05:42 - 00000000 ____D () C:\zoek_backup
2014-07-21 04:41 - 2014-07-21 04:42 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 11:03 - 2014-07-20 11:18 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
2014-07-19 06:55 - 2014-07-19 07:06 - 14757450 _____ () C:\Users\Maros\Downloads\Kapky.zip
2014-07-19 06:55 - 2014-07-19 07:05 - 10701320 _____ () C:\Users\Maros\Downloads\Baccarat dia 1100 x 2000.zip
2014-07-19 06:43 - 2014-07-19 06:58 - 00000000 ____D () C:\Users\Maros\Desktop\Visual
2014-07-17 15:47 - 2014-07-17 15:48 - 00000000 ____D () C:\rsit
2014-07-17 15:47 - 2014-07-17 15:48 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 15:45 - 2014-07-17 15:47 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:41 - 2014-07-17 15:45 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-17 15:23 - 2014-07-17 15:23 - 00000000 ____D () C:\Windows\pss
2014-07-17 13:37 - 2014-07-17 13:37 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-16 08:12 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-16 08:11 - 2014-07-16 08:11 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 08:11 - 2014-07-16 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-10 16:27 - 2014-06-20 21:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 16:27 - 2014-06-20 20:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 16:27 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 16:27 - 2014-06-19 02:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 16:27 - 2014-06-19 02:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 16:27 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 16:27 - 2014-06-19 01:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 16:27 - 2014-06-19 01:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 16:27 - 2014-06-19 01:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 16:27 - 2014-06-19 01:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 16:27 - 2014-06-19 01:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 16:27 - 2014-06-19 01:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 16:27 - 2014-06-19 01:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 16:27 - 2014-06-19 01:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 16:27 - 2014-06-19 01:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 16:27 - 2014-06-19 01:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 16:27 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 16:27 - 2014-06-19 01:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 16:27 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 16:27 - 2014-06-19 00:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 16:27 - 2014-06-19 00:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 16:27 - 2014-06-19 00:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 16:27 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 16:27 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 16:27 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 16:27 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 16:27 - 2014-06-19 00:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 16:27 - 2014-06-19 00:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 16:27 - 2014-06-19 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 16:27 - 2014-06-19 00:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 16:27 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 16:27 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 16:27 - 2014-06-19 00:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 16:27 - 2014-06-19 00:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 16:27 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 16:27 - 2014-06-19 00:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 16:27 - 2014-06-19 00:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 16:27 - 2014-06-19 00:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 16:27 - 2014-06-19 00:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 16:27 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 16:27 - 2014-06-19 00:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 16:27 - 2014-06-19 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 16:27 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 16:27 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 16:27 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 16:27 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 16:27 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 16:27 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 16:27 - 2014-06-18 23:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 16:27 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 16:27 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 16:27 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 16:27 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 16:27 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 16:27 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 16:27 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 16:22 - 2014-06-30 03:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 16:22 - 2014-06-30 03:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 16:22 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 16:22 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 16:22 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 16:13 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 16:13 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 16:13 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 15:45 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 15:45 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 15:44 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-24 20:16 - 2014-06-24 20:27 - 00000000 ____D () C:\Users\Maros\Desktop\mika
==================== One Month Modified Files and Folders =======
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:40 - 2014-07-22 15:40 - 00000000 ____D () C:\FRST
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-22 15:38 - 2013-10-01 13:00 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 15:34 - 2012-11-02 14:07 - 00000000 ____D () C:\Users\Maros
2014-07-22 15:32 - 2014-07-22 15:31 - 02090496 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2014-07-22 15:31 - 2012-08-20 18:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 15:18 - 2012-08-20 18:38 - 01156461 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 15:12 - 2012-11-02 16:39 - 00000000 ____D () C:\Users\Maros\Documents\Outlook Files
2014-07-22 15:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 15:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 15:01 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 14:58 - 2014-03-19 13:35 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\ViberPC
2014-07-22 14:58 - 2014-03-19 13:34 - 00000000 ____D () C:\Users\Maros\AppData\Local\Viber
2014-07-22 14:58 - 2013-10-01 13:00 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 14:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 14:57 - 2009-07-14 05:51 - 00110603 _____ () C:\Windows\setupact.log
2014-07-22 06:16 - 2014-04-11 00:27 - 00039852 _____ () C:\Windows\PFRO.log
2014-07-22 05:54 - 2014-04-10 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-07-22 05:31 - 2013-02-17 11:39 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Skype
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:43 - 2014-07-21 04:46 - 00021255 _____ () C:\zoek-results.log
2014-07-21 05:42 - 2014-07-21 04:44 - 00000000 ____D () C:\zoek_backup
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 04:44 - 2014-07-21 05:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:42 - 2014-07-21 04:41 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:18 - 2014-07-20 11:03 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:13 - 2013-03-09 15:41 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\CheckPoint
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
2014-07-19 11:40 - 2014-04-10 20:59 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-07-19 07:06 - 2014-07-19 06:55 - 14757450 _____ () C:\Users\Maros\Downloads\Kapky.zip
2014-07-19 07:05 - 2014-07-19 06:55 - 10701320 _____ () C:\Users\Maros\Downloads\Baccarat dia 1100 x 2000.zip
2014-07-19 06:58 - 2014-07-19 06:43 - 00000000 ____D () C:\Users\Maros\Desktop\Visual
2014-07-17 15:48 - 2014-07-17 15:47 - 00000000 ____D () C:\rsit
2014-07-17 15:48 - 2014-07-17 15:47 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 15:47 - 2014-07-17 15:45 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:45 - 2014-07-17 15:41 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-17 15:23 - 2014-07-17 15:23 - 00000000 ____D () C:\Windows\pss
2014-07-17 15:06 - 2014-04-10 23:35 - 00000000 ____D () C:\Qoobox
2014-07-17 13:37 - 2014-07-17 13:37 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-17 13:32 - 2013-11-17 17:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-17 13:32 - 2012-11-03 23:28 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-17 13:32 - 2012-11-03 23:27 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-07-16 08:31 - 2012-08-20 18:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-16 08:31 - 2012-08-20 18:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-16 08:31 - 2012-08-20 18:40 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-16 08:12 - 2013-10-23 14:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 08:11 - 2014-07-16 08:11 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 08:11 - 2014-07-16 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-16 08:11 - 2012-10-07 01:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-14 17:47 - 2013-02-17 11:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-14 17:47 - 2012-08-20 19:05 - 00000000 ____D () C:\ProgramData\Skype
2014-07-11 03:02 - 2013-10-23 14:45 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-16 08:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2013-10-23 14:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2013-10-23 14:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-11 00:45 - 2009-07-14 05:45 - 05478216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 00:44 - 2014-05-06 14:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 00:44 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 00:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 00:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 00:37 - 2012-10-06 23:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-11 00:34 - 2013-07-26 11:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:32 - 2012-10-01 12:25 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 19:23 - 2014-04-10 12:14 - 00358616 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2014-07-10 03:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-07 18:39 - 2012-11-22 16:00 - 00000000 ____D () C:\Users\Maros\Desktop\Invoices
2014-06-30 03:09 - 2014-07-10 16:22 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 03:04 - 2014-07-10 16:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 20:27 - 2014-06-24 20:16 - 00000000 ____D () C:\Users\Maros\Desktop\mika
2014-06-24 19:17 - 2014-04-09 12:18 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-24 19:09 - 2013-09-13 16:09 - 00012288 ___SH () C:\Users\Maros\Thumbs.db
2014-06-24 11:33 - 2013-10-01 13:00 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 11:33 - 2013-10-01 13:00 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 12:31 - 2012-11-16 17:59 - 00000000 ____D () C:\Users\Maros\AppData\Local\CrashDumps
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
==================== Security Center ==================
AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Maros\Desktop" je 13851 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FATrayAlert
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install
C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Maros\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate
C:\Users\Maros\ZNHCL\PDBLD.vbs
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Maros (administrator) on XPS1 on 22-07-2014 15:40:30
Running from C:\Users\Maros\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
(Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Dell) C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Users\Maros\AppData\Local\Viber\Viber.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Google\Update\Install\{FAAD12BD-F45E-4020-9821-A7EFD773FF99}\36.0.1985.125_35.0.1916.153_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_D8CC2.tmp\setup.exe
(forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CyCpIo] => C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2429440 2012-05-03] (Cypress Semiconductor Corporation)
HKLM\...\Run: [CyHidWin] => C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2371584 2012-05-03] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4756240 2012-04-17] (Intel(R) Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [183808 2013-08-29] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [DellSystemDetect] => C:\Users\Maros\AppData\Local\Apps\2.0\5903LO32.L25\20RPDDCB.EJN\dell..tion_0f612f649c4a10af_0005.000 (the data entry has 40 more characters).
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Viber] => C:\Users\Maros\AppData\Local\Viber\Viber.exe [936456 2014-03-05] ()
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0181819E-19D7-4938-A59E-6053C7E351F4 URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A2E2F866-E02B-4381-891A-E24F2BEBBF17} URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0181819E-19D7-4938-A59E-6053C7E351F4 URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - {10D53038-159E-65B7-F466-1BD03776B6C4} URL =
SearchScopes: HKCU - DefaultScope 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://92.27.47.235:82/WebClient.exe
DPF: HKLM-x32 {DD01C8CA-5DA0-4B01-9603-B7194E561D32} http://192.168.152.82/rel/webViewer.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.100.10.253 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @EDVR/WebClient - C:\windows\system32\WebClient\npwebclient.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Maros\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} - C:\Users\Maros\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Simple New Tab - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5x2eq0fo.default\Extensions\snt@dotlabs.co.xpi [2013-11-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2012-08-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-17]
Chrome:
=======
CHR DefaultSearchKeyword: google.co.id
CHR Extension: (Norton Identity Protection) - C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Maros\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-08-02] (Dell Products, LP.) [File not signed]
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2451440 2011-08-19] (Sensible Vision ) [File not signed]
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [121856 2011-11-10] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-04-29] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-04-29] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-06-08] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1886488 2014-07-10] (Trusteer Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [56320 2009-10-02] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [125440 2012-05-04] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [14336 2012-05-04] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [88576 2012-05-04] (Cypress Semiconductor, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77480 2013-08-29] (Fresco Logic)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140721.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25024 2011-11-10] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-05] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\ENG64.SYS [126040 2014-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140721.023\EX64.SYS [2099288 2014-06-20] (Symantec Corporation)
R1 RapportCerberus_69875; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys [631128 2014-07-22] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [299736 2014-07-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [358616 2014-07-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [414296 2014-07-10] (Trusteer Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:40 - 2014-07-22 15:40 - 00000000 ____D () C:\FRST
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-22 15:31 - 2014-07-22 15:32 - 02090496 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 05:41 - 2014-07-21 04:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:46 - 2014-07-21 05:43 - 00021255 _____ () C:\zoek-results.log
2014-07-21 04:44 - 2014-07-21 05:42 - 00000000 ____D () C:\zoek_backup
2014-07-21 04:41 - 2014-07-21 04:42 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 11:03 - 2014-07-20 11:18 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
2014-07-19 06:55 - 2014-07-19 07:06 - 14757450 _____ () C:\Users\Maros\Downloads\Kapky.zip
2014-07-19 06:55 - 2014-07-19 07:05 - 10701320 _____ () C:\Users\Maros\Downloads\Baccarat dia 1100 x 2000.zip
2014-07-19 06:43 - 2014-07-19 06:58 - 00000000 ____D () C:\Users\Maros\Desktop\Visual
2014-07-17 15:47 - 2014-07-17 15:48 - 00000000 ____D () C:\rsit
2014-07-17 15:47 - 2014-07-17 15:48 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 15:45 - 2014-07-17 15:47 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:41 - 2014-07-17 15:45 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-17 15:23 - 2014-07-17 15:23 - 00000000 ____D () C:\Windows\pss
2014-07-17 13:37 - 2014-07-17 13:37 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-16 08:12 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-16 08:11 - 2014-07-16 08:11 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 08:11 - 2014-07-16 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-10 16:27 - 2014-06-20 21:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 16:27 - 2014-06-20 20:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 16:27 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 16:27 - 2014-06-19 02:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 16:27 - 2014-06-19 02:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 16:27 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 16:27 - 2014-06-19 01:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 16:27 - 2014-06-19 01:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 16:27 - 2014-06-19 01:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 16:27 - 2014-06-19 01:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 16:27 - 2014-06-19 01:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 16:27 - 2014-06-19 01:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 16:27 - 2014-06-19 01:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 16:27 - 2014-06-19 01:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 16:27 - 2014-06-19 01:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 16:27 - 2014-06-19 01:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 16:27 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 16:27 - 2014-06-19 01:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 16:27 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 16:27 - 2014-06-19 00:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 16:27 - 2014-06-19 00:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 16:27 - 2014-06-19 00:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 16:27 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 16:27 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 16:27 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 16:27 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 16:27 - 2014-06-19 00:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 16:27 - 2014-06-19 00:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 16:27 - 2014-06-19 00:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 16:27 - 2014-06-19 00:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 16:27 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 16:27 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 16:27 - 2014-06-19 00:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 16:27 - 2014-06-19 00:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 16:27 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 16:27 - 2014-06-19 00:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 16:27 - 2014-06-19 00:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 16:27 - 2014-06-19 00:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 16:27 - 2014-06-19 00:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 16:27 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 16:27 - 2014-06-19 00:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 16:27 - 2014-06-19 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 16:27 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 16:27 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 16:27 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 16:27 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 16:27 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 16:27 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 16:27 - 2014-06-18 23:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 16:27 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 16:27 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 16:27 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 16:27 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 16:27 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 16:27 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 16:27 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 16:22 - 2014-06-30 03:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 16:22 - 2014-06-30 03:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 16:22 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 16:22 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 16:22 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 16:13 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 16:13 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 16:13 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 15:45 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 15:45 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 15:44 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 15:44 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 15:44 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-24 20:16 - 2014-06-24 20:27 - 00000000 ____D () C:\Users\Maros\Desktop\mika
==================== One Month Modified Files and Folders =======
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:40 - 2014-07-22 15:40 - 00000000 ____D () C:\FRST
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-22 15:38 - 2013-10-01 13:00 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 15:34 - 2012-11-02 14:07 - 00000000 ____D () C:\Users\Maros
2014-07-22 15:32 - 2014-07-22 15:31 - 02090496 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2014-07-22 15:31 - 2012-08-20 18:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 15:18 - 2012-08-20 18:38 - 01156461 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 15:12 - 2012-11-02 16:39 - 00000000 ____D () C:\Users\Maros\Documents\Outlook Files
2014-07-22 15:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 15:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 15:01 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 14:58 - 2014-03-19 13:35 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\ViberPC
2014-07-22 14:58 - 2014-03-19 13:34 - 00000000 ____D () C:\Users\Maros\AppData\Local\Viber
2014-07-22 14:58 - 2013-10-01 13:00 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 14:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 14:57 - 2009-07-14 05:51 - 00110603 _____ () C:\Windows\setupact.log
2014-07-22 06:16 - 2014-04-11 00:27 - 00039852 _____ () C:\Windows\PFRO.log
2014-07-22 05:54 - 2014-04-10 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-07-22 05:31 - 2013-02-17 11:39 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Skype
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:43 - 2014-07-21 04:46 - 00021255 _____ () C:\zoek-results.log
2014-07-21 05:42 - 2014-07-21 04:44 - 00000000 ____D () C:\zoek_backup
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 04:44 - 2014-07-21 05:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:42 - 2014-07-21 04:41 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:18 - 2014-07-20 11:03 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:13 - 2013-03-09 15:41 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\CheckPoint
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
2014-07-19 11:40 - 2014-04-10 20:59 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-07-19 07:06 - 2014-07-19 06:55 - 14757450 _____ () C:\Users\Maros\Downloads\Kapky.zip
2014-07-19 07:05 - 2014-07-19 06:55 - 10701320 _____ () C:\Users\Maros\Downloads\Baccarat dia 1100 x 2000.zip
2014-07-19 06:58 - 2014-07-19 06:43 - 00000000 ____D () C:\Users\Maros\Desktop\Visual
2014-07-17 15:48 - 2014-07-17 15:47 - 00000000 ____D () C:\rsit
2014-07-17 15:48 - 2014-07-17 15:47 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 15:47 - 2014-07-17 15:45 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:45 - 2014-07-17 15:41 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-17 15:23 - 2014-07-17 15:23 - 00000000 ____D () C:\Windows\pss
2014-07-17 15:06 - 2014-04-10 23:35 - 00000000 ____D () C:\Qoobox
2014-07-17 13:37 - 2014-07-17 13:37 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-17 13:32 - 2013-11-17 17:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-17 13:32 - 2012-11-03 23:28 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-17 13:32 - 2012-11-03 23:27 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-07-16 08:31 - 2012-08-20 18:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-16 08:31 - 2012-08-20 18:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-16 08:31 - 2012-08-20 18:40 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-16 08:12 - 2013-10-23 14:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 08:11 - 2014-07-16 08:11 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 08:11 - 2014-07-16 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-16 08:11 - 2012-10-07 01:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-14 17:47 - 2013-02-17 11:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-14 17:47 - 2012-08-20 19:05 - 00000000 ____D () C:\ProgramData\Skype
2014-07-11 03:02 - 2013-10-23 14:45 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-16 08:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2013-10-23 14:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2013-10-23 14:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-11 00:45 - 2009-07-14 05:45 - 05478216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 00:44 - 2014-05-06 14:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 00:44 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 00:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 00:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 00:37 - 2012-10-06 23:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-11 00:34 - 2013-07-26 11:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:32 - 2012-10-01 12:25 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 19:23 - 2014-04-10 12:14 - 00358616 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2014-07-10 03:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-07 18:39 - 2012-11-22 16:00 - 00000000 ____D () C:\Users\Maros\Desktop\Invoices
2014-06-30 03:09 - 2014-07-10 16:22 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 03:04 - 2014-07-10 16:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 20:27 - 2014-06-24 20:16 - 00000000 ____D () C:\Users\Maros\Desktop\mika
2014-06-24 19:17 - 2014-04-09 12:18 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-24 19:09 - 2013-09-13 16:09 - 00012288 ___SH () C:\Users\Maros\Thumbs.db
2014-06-24 11:33 - 2013-10-01 13:00 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 11:33 - 2013-10-01 13:00 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 12:31 - 2012-11-16 17:59 - 00000000 ____D () C:\Users\Maros\AppData\Local\CrashDumps
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
==================== Security Center ==================
AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Maros\Desktop" je 13851 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FATrayAlert
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install
C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Maros\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate
C:\Users\Maros\ZNHCL\PDBLD.vbs
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: prosim o kontrolu zpomalený pc
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Maros at 2014-07-22 15:41:12
Running from C:\Users\Maros\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM-x32\...\{A02F51A7-1982-4B69-8BD3-7D2B86179752}) (Version: 2.3.2161 - Famatech)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.34 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Dell Digital Delivery (HKLM-x32\...\{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}) (Version: 2.2.3000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Face Recognition (HKLM\...\{B132D631-AD31-41C1-BC8A-9715104C633F}) (Version: 3.1.70.1 - Sensible Vision)
Firefox Packages (HKCU\...\Firefox Packages) (Version: - ) <==== ATTENTION
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B25A87F2-EA64-4C60-9989-6442FFFAD5E2}) (Version: 3.5.100.0 - Fresco Logic Inc.)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{FCF8A819-6CF6-3E28-B526-9150AA84ED45}) (Version: 65.169.76 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
H264 Video Codec (HKLM-x32\...\H264) (Version: - T,DP5)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.30.1154 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{705EE775-5776-48FD-B704-C3C9CF535420}) (Version: 15.1.1.0170 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{39D1D2EA-6F53-4268-B5E8-F78B22049A41}) (Version: 2.0.871.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}) (Version: 15.01.1500.1034 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
LogMeIn (HKLM-x32\...\{22461A1C-BD68-4D90-9897-1DB146D55ECB}) (Version: 4.1.2504 - LogMeIn, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-GB)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nitro Pro 8 (HKLM\...\{47B42E7A-57E9-407B-8DBB-017B86D7B13F}) (Version: 8.5.2.10 - Nitro)
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
NVMS-1000 (HKLM-x32\...\{706F1178-8CDB-45E5-B05F-D1950D9D17DF}) (Version: 2.0.0.2 - )
OLink 2.0.4.691 (HKLM-x32\...\OLink 2.0.4.691_is1) (Version: OLink 2.0.4 - Jablotron Alarms a.s.)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapport (x32 Version: 3.5.1307.109 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6612 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.109 - Trusteer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebClient (HKLM-x32\...\WebClient) (Version: - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
ZoneAlarm Do Not Track Add-on 2.2.5.1213 (HKLM-x32\...\ZoneAlarm Do Not Track Add-on_is1) (Version: 2.2.5.1213 - Abine)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.7 - ZONER software)
==================== Restore Points =========================
21-07-2014 03:46:17 zoek.exe restore point
22-07-2014 04:54:02 Installed Rapport
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-07-21 04:46 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {026167CE-5B75-4032-A274-2515BAD6C367} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1BE13244-A274-4616-BA0B-5114271C2C50} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {335EE66A-69E9-4BD6-962E-BAA55046BAE6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {4359D21A-495D-4604-9581-B9407985EDB5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {708606AE-B9AF-4FDE-806D-402265C9F9CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-16] (Adobe Systems Incorporated)
Task: {7F0C2736-ED49-40DD-B54B-C9BD62CF6DE8} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {82F8CCE2-80EE-4E91-9632-2297ABDBCEB4} - \Fifth No Task File <==== ATTENTION
Task: {8D81149E-F464-4C52-8BF8-661A63A660FC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8E351B36-1C5E-4CCF-99C2-FED9FA4A9530} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {908CC2C8-A58A-4841-977B-0DEA75399AEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF} - \Funmoods No Task File <==== ATTENTION
Task: {9959C10C-0E8F-47FF-94BE-7AC6EBFE124F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B00C9867-43EE-413E-9F3E-5FA47FE79200} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {B4B4E8DC-1B4B-4A70-AA11-D69A894EF361} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {CD3B0F2B-A040-461E-8F47-F1CFB763E497} - \OMESupervisor No Task File <==== ATTENTION
Task: {EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9} - System32\Tasks\Test TimeTrigger => C:\Users\Maros\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {EB38D4DE-8BCD-4F6D-8CAD-46050B3CD42C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-08-19 17:34 - 2011-08-19 17:34 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2011-11-10 18:15 - 2011-11-10 18:15 - 00121856 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2011-11-10 18:15 - 2011-11-10 18:15 - 00043520 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2011-11-10 18:15 - 2011-11-10 18:15 - 00029696 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2011-11-10 18:15 - 2011-11-10 18:15 - 00030208 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTHidMonitor.exe
2012-08-20 20:09 - 2011-07-20 00:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-19 13:34 - 2014-03-05 21:05 - 00936456 _____ () C:\Users\Maros\AppData\Local\Viber\Viber.exe
2014-07-22 15:39 - 2014-07-16 18:43 - 08848464 _____ () C:\Program Files (x86)\Google\Update\Install\{FAAD12BD-F45E-4020-9821-A7EFD773FF99}\36.0.1985.125_35.0.1916.153_chrome_updater.exe
2014-04-10 12:14 - 2014-06-30 10:53 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 22593536 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libViber.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00737280 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libGLESv2.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00098304 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\qfacebook.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00049152 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libEGL.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00860160 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\platforms\qwindows.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00024576 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qgif.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00024576 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qico.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00204800 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qjpeg.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00221184 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qmng.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qsvg.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qtga.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00311296 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qtiff.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qwbmp.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00622592 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\sqldrivers\qsqlite.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00032768 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\iconengines\qsvgicon.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-06-18 13:19 - 2014-06-18 13:19 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
Ran by Maros at 2014-07-22 15:41:12
Running from C:\Users\Maros\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM-x32\...\{A02F51A7-1982-4B69-8BD3-7D2B86179752}) (Version: 2.3.2161 - Famatech)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.34 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Dell Digital Delivery (HKLM-x32\...\{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}) (Version: 2.2.3000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Face Recognition (HKLM\...\{B132D631-AD31-41C1-BC8A-9715104C633F}) (Version: 3.1.70.1 - Sensible Vision)
Firefox Packages (HKCU\...\Firefox Packages) (Version: - ) <==== ATTENTION
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B25A87F2-EA64-4C60-9989-6442FFFAD5E2}) (Version: 3.5.100.0 - Fresco Logic Inc.)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{FCF8A819-6CF6-3E28-B526-9150AA84ED45}) (Version: 65.169.76 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
H264 Video Codec (HKLM-x32\...\H264) (Version: - T,DP5)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.30.1154 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{705EE775-5776-48FD-B704-C3C9CF535420}) (Version: 15.1.1.0170 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{39D1D2EA-6F53-4268-B5E8-F78B22049A41}) (Version: 2.0.871.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}) (Version: 15.01.1500.1034 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
LogMeIn (HKLM-x32\...\{22461A1C-BD68-4D90-9897-1DB146D55ECB}) (Version: 4.1.2504 - LogMeIn, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-GB)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nitro Pro 8 (HKLM\...\{47B42E7A-57E9-407B-8DBB-017B86D7B13F}) (Version: 8.5.2.10 - Nitro)
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
NVMS-1000 (HKLM-x32\...\{706F1178-8CDB-45E5-B05F-D1950D9D17DF}) (Version: 2.0.0.2 - )
OLink 2.0.4.691 (HKLM-x32\...\OLink 2.0.4.691_is1) (Version: OLink 2.0.4 - Jablotron Alarms a.s.)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapport (x32 Version: 3.5.1307.109 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6612 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.109 - Trusteer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebClient (HKLM-x32\...\WebClient) (Version: - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
ZoneAlarm Do Not Track Add-on 2.2.5.1213 (HKLM-x32\...\ZoneAlarm Do Not Track Add-on_is1) (Version: 2.2.5.1213 - Abine)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.7 - ZONER software)
==================== Restore Points =========================
21-07-2014 03:46:17 zoek.exe restore point
22-07-2014 04:54:02 Installed Rapport
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-07-21 04:46 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {026167CE-5B75-4032-A274-2515BAD6C367} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1BE13244-A274-4616-BA0B-5114271C2C50} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {335EE66A-69E9-4BD6-962E-BAA55046BAE6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {4359D21A-495D-4604-9581-B9407985EDB5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {708606AE-B9AF-4FDE-806D-402265C9F9CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-16] (Adobe Systems Incorporated)
Task: {7F0C2736-ED49-40DD-B54B-C9BD62CF6DE8} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {82F8CCE2-80EE-4E91-9632-2297ABDBCEB4} - \Fifth No Task File <==== ATTENTION
Task: {8D81149E-F464-4C52-8BF8-661A63A660FC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8E351B36-1C5E-4CCF-99C2-FED9FA4A9530} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {908CC2C8-A58A-4841-977B-0DEA75399AEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF} - \Funmoods No Task File <==== ATTENTION
Task: {9959C10C-0E8F-47FF-94BE-7AC6EBFE124F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B00C9867-43EE-413E-9F3E-5FA47FE79200} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {B4B4E8DC-1B4B-4A70-AA11-D69A894EF361} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {CD3B0F2B-A040-461E-8F47-F1CFB763E497} - \OMESupervisor No Task File <==== ATTENTION
Task: {EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9} - System32\Tasks\Test TimeTrigger => C:\Users\Maros\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {EB38D4DE-8BCD-4F6D-8CAD-46050B3CD42C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-08-19 17:34 - 2011-08-19 17:34 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2011-11-10 18:15 - 2011-11-10 18:15 - 00121856 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2011-11-10 18:15 - 2011-11-10 18:15 - 00043520 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2011-11-10 18:15 - 2011-11-10 18:15 - 00029696 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2011-11-10 18:15 - 2011-11-10 18:15 - 00030208 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTHidMonitor.exe
2012-08-20 20:09 - 2011-07-20 00:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-19 13:34 - 2014-03-05 21:05 - 00936456 _____ () C:\Users\Maros\AppData\Local\Viber\Viber.exe
2014-07-22 15:39 - 2014-07-16 18:43 - 08848464 _____ () C:\Program Files (x86)\Google\Update\Install\{FAAD12BD-F45E-4020-9821-A7EFD773FF99}\36.0.1985.125_35.0.1916.153_chrome_updater.exe
2014-04-10 12:14 - 2014-06-30 10:53 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 22593536 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libViber.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00737280 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libGLESv2.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00098304 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\qfacebook.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00049152 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\libEGL.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00860160 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\platforms\qwindows.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00024576 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qgif.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00024576 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qico.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00204800 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qjpeg.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00221184 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qmng.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qsvg.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qtga.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00311296 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qtiff.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00016384 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\imageformats\qwbmp.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00622592 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\sqldrivers\qsqlite.dll
2014-06-24 11:15 - 2014-06-24 11:15 - 00032768 _____ () C:\Users\Maros\AppData\Local\Viber\4.2.1.49\iconengines\qsvgicon.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-06-18 13:19 - 2014-06-18 13:19 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
Re: prosim o kontrolu zpomalený pc
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.) HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0181819E-19D7-4938-A59E-6053C7E351F4 URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {A2E2F866-E02B-4381-891A-E24F2BEBBF17} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=airmsd&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=1445223415&ir= SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {0181819E-19D7-4938-A59E-6053C7E351F4 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=airmsd&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDtBtB0F0A0AyC0FtCtDtDyDtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q&cr=1445223415&ir= SearchScopes: HKLM-x32 - {10D53038-159E-65B7-F466-1BD03776B6C4} URL = SearchScopes: HKCU - DefaultScope 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3AFD00FF022FAA6F&affID=119357&tsp=4970 SearchScopes: HKCU - 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3AFD00FF022FAA6F&affID=119357&tsp=4970 SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File CHR DefaultSearchKeyword: google.co.id CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars 2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt 2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe 2014-07-17 15:45 - 2014-07-17 15:47 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part 2014-07-17 15:41 - 2014-07-17 15:45 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe 2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt 2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong 2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua 2014-07-21 05:41 - 2014-07-21 04:44 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-07-21 04:46 - 2014-07-21 05:43 - 00021255 _____ () C:\zoek-results.log 2014-07-21 04:44 - 2014-07-21 05:42 - 00000000 ____D () C:\zoek_backup 2014-07-21 04:41 - 2014-07-21 04:42 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe 2014-07-20 11:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-20 11:03 - 2014-07-20 11:18 - 00000000 ____D () C:\AdwCleaner 2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe 2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt 2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT 2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\ProgramData\TEMP:D346F792 REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate" /f C:\Users\Maros\ZNHCL\PDBLD.vbs REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16" /f Task: {82F8CCE2-80EE-4E91-9632-2297ABDBCEB4} - \Fifth No Task File <==== ATTENTION Task: {9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF} - \Funmoods No Task File <==== ATTENTION Task: {CD3B0F2B-A040-461E-8F47-F1CFB763E497} - \OMESupervisor No Task File <==== ATTENTION Task: {EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9} - System32\Tasks\Test TimeTrigger => C:\Users\Maros\AppData\Local\Temp\Runner.exe <==== ATTENTION Hosts: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu zpomalený pc
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 02
Ran by Maros at 2014-08-01 10:43:54 Run:1
Running from C:\Users\Maros\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0181819E-19D7-4938-A59E-6053C7E351F4 URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A2E2F866-E02B-4381-891A-E24F2BEBBF17} URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0181819E-19D7-4938-A59E-6053C7E351F4 URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - {10D53038-159E-65B7-F466-1BD03776B6C4} URL =
SearchScopes: HKCU - DefaultScope 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
CHR DefaultSearchKeyword: google.co.id
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-17 15:45 - 2014-07-17 15:47 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:41 - 2014-07-17 15:45 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 05:41 - 2014-07-21 04:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:46 - 2014-07-21 05:43 - 00021255 _____ () C:\zoek-results.log
2014-07-21 04:44 - 2014-07-21 05:42 - 00000000 ____D () C:\zoek_backup
2014-07-21 04:41 - 2014-07-21 04:42 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 11:03 - 2014-07-20 11:18 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate" /f
C:\Users\Maros\ZNHCL\PDBLD.vbs
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16" /f
Task: {82F8CCE2-80EE-4E91-9632-2297ABDBCEB4} - \Fifth No Task File <==== ATTENTION
Task: {9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF} - \Funmoods No Task File <==== ATTENTION
Task: {CD3B0F2B-A040-461E-8F47-F1CFB763E497} - \OMESupervisor No Task File <==== ATTENTION
Task: {EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9} - System32\Tasks\Test TimeTrigger => C:\Users\Maros\AppData\Local\Temp\Runner.exe <==== ATTENTION
Hosts:
Reboot:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501 => value deleted successfully.
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A2E2F866-E02B-4381-891A-E24F2BEBBF17}" => Key deleted successfully.
"HKCR\CLSID\{A2E2F866-E02B-4381-891A-E24F2BEBBF17}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0181819E-19D7-4938-A59E-6053C7E351F4" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0181819E-19D7-4938-A59E-6053C7E351F4" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{10D53038-159E-65B7-F466-1BD03776B6C4}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{10D53038-159E-65B7-F466-1BD03776B6C4}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\070DCBBBD1AB44CFB634AF9CDA1BB9DF" => Key deleted successfully.
"HKCR\CLSID\070DCBBBD1AB44CFB634AF9CDA1BB9DF" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKCR\PROTOCOLS\Handler\gcf" => Key deleted successfully.
"HKCR\CLSID\{9875BFAF-B04D-445E-8A69-BE36838CDE3E}" => Key not found.
CHR DefaultSearchKeyword: google.co.id ==> The Chrome "Settings" can be used to fix the entry.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Users\Maros\Desktop\FRST.txt => Moved successfully.
"C:\Users\Maros\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Users\Maros\Downloads\RSITx64(1).exe.part" => File/Directory not found.
C:\Users\Maros\Downloads\RSITx64.exe => Moved successfully.
"C:\Users\Maros\Desktop\zoek-results.txt" => File/Directory not found.
C:\Users\wangzhisong => Moved successfully.
C:\Users\wangjihua => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
"C:\Users\Maros\Desktop\zoek.exe" => File/Directory not found.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Maros\Desktop\adwcleaner_3.216.exe => Moved successfully.
"C:\Users\Maros\Desktop\JRT.txt" => File/Directory not found.
C:\Windows\ERUNT => Moved successfully.
"C:\Users\Maros\Desktop\JRT.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => ":D346F792" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate" /f =========
The operation completed successfully.
========= End of Reg: =========
C:\Users\Maros\ZNHCL\PDBLD.vbs => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16" /f =========
The operation completed successfully.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82F8CCE2-80EE-4E91-9632-2297ABDBCEB4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82F8CCE2-80EE-4E91-9632-2297ABDBCEB4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Fifth" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD3B0F2B-A040-461E-8F47-F1CFB763E497}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD3B0F2B-A040-461E-8F47-F1CFB763E497}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OMESupervisor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
The system needed a reboot.
==== End of Fixlog ====
Ran by Maros at 2014-08-01 10:43:54 Run:1
Running from C:\Users\Maros\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0181819E-19D7-4938-A59E-6053C7E351F4 URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A2E2F866-E02B-4381-891A-E24F2BEBBF17} URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0181819E-19D7-4938-A59E-6053C7E351F4 URL = http://start.mysearchdial.com/results.p ... 223415&ir=
SearchScopes: HKLM-x32 - {10D53038-159E-65B7-F466-1BD03776B6C4} URL =
SearchScopes: HKCU - DefaultScope 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - 070DCBBBD1AB44CFB634AF9CDA1BB9DF URL = http://www1.delta-search.com/?q={search ... 7&tsp=4970
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
CHR DefaultSearchKeyword: google.co.id
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
2014-07-22 15:40 - 2014-07-22 15:40 - 00027351 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-07-22 15:39 - 2014-07-22 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Maros\Desktop\FRSTLauncher.exe
2014-07-17 15:45 - 2014-07-17 15:47 - 00044236 _____ () C:\Users\Maros\Downloads\RSITx64(1).exe.part
2014-07-17 15:41 - 2014-07-17 15:45 - 01222144 _____ () C:\Users\Maros\Downloads\RSITx64.exe
2014-07-21 05:43 - 2014-07-21 05:43 - 00021255 _____ () C:\Users\Maros\Desktop\zoek-results.txt
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangzhisong
2014-07-21 05:41 - 2014-07-21 05:41 - 00000000 ____D () C:\Users\wangjihua
2014-07-21 05:41 - 2014-07-21 04:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 04:46 - 2014-07-21 05:43 - 00021255 _____ () C:\zoek-results.log
2014-07-21 04:44 - 2014-07-21 05:42 - 00000000 ____D () C:\zoek_backup
2014-07-21 04:41 - 2014-07-21 04:42 - 01287168 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-07-20 11:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 11:03 - 2014-07-20 11:18 - 00000000 ____D () C:\AdwCleaner
2014-07-20 11:02 - 2014-07-20 11:02 - 01354223 _____ () C:\Users\Maros\Desktop\adwcleaner_3.216.exe
2014-07-20 10:59 - 2014-07-20 10:59 - 00013304 _____ () C:\Users\Maros\Desktop\JRT.txt
2014-07-20 10:44 - 2014-07-20 10:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 10:41 - 2014-07-20 10:41 - 01016261 _____ (Thisisu) C:\Users\Maros\Desktop\JRT.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate" /f
C:\Users\Maros\ZNHCL\PDBLD.vbs
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16" /f
Task: {82F8CCE2-80EE-4E91-9632-2297ABDBCEB4} - \Fifth No Task File <==== ATTENTION
Task: {9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF} - \Funmoods No Task File <==== ATTENTION
Task: {CD3B0F2B-A040-461E-8F47-F1CFB763E497} - \OMESupervisor No Task File <==== ATTENTION
Task: {EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9} - System32\Tasks\Test TimeTrigger => C:\Users\Maros\AppData\Local\Temp\Runner.exe <==== ATTENTION
Hosts:
Reboot:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_6330810F60C6FA6EF269FD2BE97A4501 => value deleted successfully.
HKU\S-1-5-21-2506837737-3134715512-2625980799-1010\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A2E2F866-E02B-4381-891A-E24F2BEBBF17}" => Key deleted successfully.
"HKCR\CLSID\{A2E2F866-E02B-4381-891A-E24F2BEBBF17}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0181819E-19D7-4938-A59E-6053C7E351F4" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0181819E-19D7-4938-A59E-6053C7E351F4" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{10D53038-159E-65B7-F466-1BD03776B6C4}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{10D53038-159E-65B7-F466-1BD03776B6C4}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\070DCBBBD1AB44CFB634AF9CDA1BB9DF" => Key deleted successfully.
"HKCR\CLSID\070DCBBBD1AB44CFB634AF9CDA1BB9DF" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKCR\PROTOCOLS\Handler\gcf" => Key deleted successfully.
"HKCR\CLSID\{9875BFAF-B04D-445E-8A69-BE36838CDE3E}" => Key not found.
CHR DefaultSearchKeyword: google.co.id ==> The Chrome "Settings" can be used to fix the entry.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Users\Maros\Desktop\FRST.txt => Moved successfully.
"C:\Users\Maros\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Users\Maros\Downloads\RSITx64(1).exe.part" => File/Directory not found.
C:\Users\Maros\Downloads\RSITx64.exe => Moved successfully.
"C:\Users\Maros\Desktop\zoek-results.txt" => File/Directory not found.
C:\Users\wangzhisong => Moved successfully.
C:\Users\wangjihua => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
"C:\Users\Maros\Desktop\zoek.exe" => File/Directory not found.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Maros\Desktop\adwcleaner_3.216.exe => Moved successfully.
"C:\Users\Maros\Desktop\JRT.txt" => File/Directory not found.
C:\Windows\ERUNT => Moved successfully.
"C:\Users\Maros\Desktop\JRT.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => ":D346F792" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Plugin Install" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsUpdate" /f =========
The operation completed successfully.
========= End of Reg: =========
C:\Users\Maros\ZNHCL\PDBLD.vbs => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16" /f =========
The operation completed successfully.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82F8CCE2-80EE-4E91-9632-2297ABDBCEB4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82F8CCE2-80EE-4E91-9632-2297ABDBCEB4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Fifth" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9140AA0C-F5A5-4BBB-9A6C-E949369CEFBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD3B0F2B-A040-461E-8F47-F1CFB763E497}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD3B0F2B-A040-461E-8F47-F1CFB763E497}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OMESupervisor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAEFEFF7-B5DB-42C1-B7D3-DF89C9BA5CE9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
The system needed a reboot.
==== End of Fixlog ====
Re: prosim o kontrolu zpomalený pc
Jak se chova PC???
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu zpomalený pc
Dobry vecer,
tak myslim, ze funguje lepsie. Sem tam sa otvaraju, spustaju programy pomalsie, ale urcite to je lepsie. Obcas sa mi seka outlook, neviem ci to moze byt ovplyvnene rychlostou pripojenia alebo je to, ze mam v pocitaci este nejake malwary...
tak myslim, ze funguje lepsie. Sem tam sa otvaraju, spustaju programy pomalsie, ale urcite to je lepsie. Obcas sa mi seka outlook, neviem ci to moze byt ovplyvnene rychlostou pripojenia alebo je to, ze mam v pocitaci este nejake malwary...
Re: prosim o kontrolu zpomalený pc
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
Doporucuji provest defragmentaci disku
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?