Dobry den,
prosim mohol by ste mi niekto pomoct, zacalo sa mi pri otvoreni mozzila alebo aj ineho prehliadaca zjavovat Yandex. Vraj to moze byt nejaky virus.?? :-/
Logfile of random's system information tool 1.10 (written by random/random)
Run by JanaS at 2014-08-14 11:09:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 84 GB (29%) free of 290 GB
Total RAM: 1954 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:14, on 14.08.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Users\JanaS\AppData\Local\iLivid\iLivid.exe
C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\JanaS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\trend micro\JanaS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll (file missing)
O2 - BHO: ?????????? ???????? - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll
O3 - Toolbar: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll (file missing)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Google Update] "C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\Run: [iLivid] "C:\Users\JanaS\AppData\Local\iLivid\iLivid.exe" -autorun
O4 - HKCU\..\Run: [ABBYY Screenshot Reader Bonus] "C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk = ?
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O4 - Global Startup: ING eKalkulačka.lnk = JanaS\ING_eKalkulacka_OVB_SK\run.cmd
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71E231D9-C0F9-44A0-9AFF-BD84F1730C17}: NameServer = 85.237.225.250 213.151.222.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9365ED9-A4C9-4F8F-911A-4668A0D1E2A7}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{E06DED20-37EE-43C3-BCD7-9EFE48F515CA}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY PDF Transformer 3.0 – Licenčná služba (ABBYY.Licensing.PDFTransformer.Classic.3.0) - ABBYY - C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Conexant Utility Service (CxUtilSvc) - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxdq_device - Unknown owner - C:\windows\system32\lxdqcoms.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: Printer Control - Unknown owner - C:\windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Soda PDF 5 Helper Service - LULU Software - C:\Program Files (x86)\Soda PDF 5\HelperService.exe
O23 - Service: Soda PDF 5 Service - LULU Software - C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18880 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 29057520
\??\C:\windows\system32\conhost.exe "1397958057-711031558734490434178140347921646467-258423476-435772904182229064
C:\windows\System32\spoolsv.exe
"C:\Program Files\DigitalPersona\Bin\DpHostW.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Conexant\SA3\CxUtilSvc.exe"
C:\ProgramData\DatacardService\DCService.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
C:\windows\system32\HPSIsvc.exe
C:\windows\system32\lxdqcoms.exe -service
"C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
"C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run
C:\windows\system32\PrintCtrl.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Soda PDF 5\HelperService.exe"
"C:\Program Files (x86)\Soda PDF 5\ConversionService.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3096
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007e0
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files\Conexant\SA3\SmartAudio3.exe" /sa3 /dne /s
"C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
"C:\Users\JanaS\AppData\Local\iLivid\iLivid.exe" -autorun
"C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN16F4C0XZ05PJ;CONNECTION=USB;MONITOR=1;
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /PhotoViewerComServer {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} -Embedding
"C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7e528969-0316-48f1-8efc-3760ba91dfbd -SystemEventPortName:HostProcess-f6de0025-9d4e-4918-82f2-809cd93ad3c8 -IoCancelEventPortName:HostProcess-3dce8470-83eb-4957-bf80-06ada0d5b089 -NonStateChangingEventPortName:HostProcess-10154e0e-1d41-4698-9303-fde71fb83474 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f0cbf1dc-96d8-432e-bdfb-593dea155a5e -DeviceGroupId:WpdFsGroup
"LogonUI.exe" /flags:0x0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=352.2a024120.1490082754 "C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 352 "\\.\pipe\gecko-crash-server-pipe.352" plugin
"C:\Users\JanaS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\JanaS\Downloads\RSITx64(1).exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job - C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job - C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HP Photo Creations Messager.job - C:\ProgramData\HP Photo Creations\MessageCheck.exe
C:\windows\tasks\Norton Security Scan for JanaS.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
=========Mozilla firefox=========
ProfilePath - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.search.ask.com/?o=APN10645A& ... 49-221&t=4"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gc ... PN10645&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 2]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 2\np-previewer.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
C:\Program Files (x86)\Mozilla Firefox\components\
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npPDFXCviewNPPlugin.dll
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\extensions\
donottrackplus@abine.com
vb@yandex.ru
yasearch@yandex.ru
{6991704F-B66B-7E0F-9123-19C9D5AA850E}
{d1dac034-9fd9-4c13-a388-d2e10e57707f}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\
ask-web-search.xml
Ask.xml
babylon.xml
yandex.ru-101827.xml
yqs-barff-yandex.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx64.dll [2013-12-11 131536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}]
Визуальные закладки
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-27 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-02-26 357432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}]
Movies Toolbar (Dist. by Somoto Ltd.) - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll [2013-08-19 92560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C737F472-1193-4281-BF53-A00B67AB3E19}]
Soda PDF 5 IE Helper - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll [2013-01-29 91488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}]
Визуальные закладки
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-02-26 294456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d1dac034-9fd9-4c13-a388-d2e10e57707f} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx64.dll [2013-12-11 131536]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - Soda PDF 5 IE Toolbar - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll [2013-01-29 654688]
{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - Movies Toolbar (Dist. by Somoto Ltd.) - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll [2013-08-19 92560]
{3d86a75b-cb6b-4764-885d-ca6336f04ba2} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
{d1dac034-9fd9-4c13-a388-d2e10e57707f} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll []
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-20 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-20 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-20 416024]
"SmartAudio"=C:\Program Files\CONEXANT\SA3\SACpl.exe [2011-06-24 1573504]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-30 2780968]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-17 686704]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2011-03-24 3668336]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-07-28 1935120]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-05-19 10365952]
"PrintDisp"=C:\windows\system32\PrintDisp.exe [2012-10-29 870400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-05-23 466656]
"Google Update"=C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 136176]
"Handy Updater"=C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [2013-07-05 370176]
"iLivid"=C:\Users\JanaS\AppData\Local\iLivid\iLivid.exe [2013-09-09 6827008]
"ABBYY Screenshot Reader Bonus"=C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [2009-05-09 939272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1133 Scan2PC]
C:\Windows\twain_32\Dell\Dell1133\Scan2Pc.exe [2009-12-24 1978880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-12-15 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-04-02 1831424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^JanaS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2011-04-13 503942]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"LGODDFU"=C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2008-10-01 548864]
"UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-04-20 222504]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-08-26 1989920]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2010-08-12 163040]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
ING eKalkulačka.lnk - C:\Users\JanaS\ING_eKalkulacka_OVB_SK\run.cmd
C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk - C:\windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-06-10 389632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DpHost]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-13 13:52:28 ----A---- C:\windows\SYSWOW64\shoC24A.tmp
2014-08-13 13:25:19 ----D---- C:\Users\JanaS\AppData\Roaming\dvdcss
2014-08-13 13:24:39 ----D---- C:\Users\JanaS\AppData\Roaming\vlc
2014-08-13 13:22:39 ----D---- C:\Program Files (x86)\VideoLAN
2014-07-29 10:32:02 ----N---- C:\windows\SYSWOW64\SvcMan.exe
2014-07-29 10:32:02 ----A---- C:\windows\system32\drivers\DgivEcp.sys
2014-07-29 10:31:26 ----A---- C:\windows\SYSWOW64\LTRPR13n.DLL
2014-07-29 10:31:26 ----A---- C:\windows\SYSWOW64\LTRIO13N.DLL
2014-07-29 10:31:26 ----A---- C:\windows\SYSWOW64\LTR13N.DLL
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\PCDLIB32.DLL
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lttwn13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LTTLB13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\Ltpnt13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\ltpdg13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LTOCR13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\ltefx13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LTCLR13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\ltbar13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lftif13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfpsd13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LFPNM13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\Lfpng13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfpcx13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfpcx13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfpcd13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfpcd13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfmsp13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfjbg13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LFJ2K13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfitg13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfitg13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfimg13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfimg13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfiff13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfiff13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lffax13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lffax13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfeps13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfeps13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\LFCMP13s.DLL
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfclp13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfclp13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfbmp13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfavi13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfavi13n.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfani13s.dll
2014-07-29 10:31:25 ----A---- C:\windows\SYSWOW64\lfani13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lttmb13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\ltkrn13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\ltimg13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\LTDIS13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lftif13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lfpsd13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\LFPNM13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\Lfpng13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lfmsp13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lfjbg13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\LFJ2K13n.dll
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\LFCMP13n.DLL
2014-07-29 10:31:24 ----A---- C:\windows\SYSWOW64\lfbmp13n.dll
2014-07-29 10:31:23 ----A---- C:\windows\SYSWOW64\Mfcoleui.dll
2014-07-29 10:31:23 ----A---- C:\windows\SYSWOW64\Ltwvc13n.dll
2014-07-29 10:31:23 ----A---- C:\windows\SYSWOW64\ltlst13n.dll
2014-07-29 10:31:23 ----A---- C:\windows\SYSWOW64\ltfil13n.DLL
2014-07-29 10:31:23 ----A---- C:\windows\SYSWOW64\ltdlg13n.dll
2014-07-29 10:18:20 ----D---- C:\Users\JanaS\AppData\Roaming\Opera Software
2014-07-29 10:18:18 ----D---- C:\Users\JanaS\AppData\Roaming\Yandex
2014-07-29 10:16:14 ----D---- C:\windows\system32\drivers\NSSx64
2014-07-29 10:16:14 ----D---- C:\Program Files (x86)\Norton Security Scan
2014-07-29 10:16:07 ----D---- C:\Program Files (x86)\NortonInstaller
2014-07-29 10:14:17 ----HDC---- C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-29 10:13:26 ----D---- C:\Users\JanaS\AppData\Roaming\ImperiaOnline
2014-07-23 09:58:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-08-14 11:10:14 ----D---- C:\windows\Prefetch
2014-08-14 11:10:08 ----AD---- C:\windows\Temp
2014-08-14 11:10:05 ----D---- C:\Program Files\trend micro
2014-08-14 10:01:58 ----D---- C:\windows\system32\config
2014-08-14 08:58:56 ----AD---- C:\windows\System32
2014-08-14 08:58:55 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-14 08:58:54 ----D---- C:\windows\inf
2014-08-14 08:48:20 ----D---- C:\ProgramData\firebird
2014-08-14 08:47:49 ----A---- C:\windows\lgfwup.ini
2014-08-13 13:56:43 ----A---- C:\windows\SYSWOW64\log.txt
2014-08-13 13:52:28 ----D---- C:\windows\SysWOW64
2014-08-13 13:52:13 ----D---- C:\windows\system32\catroot
2014-08-13 13:50:24 ----SHD---- C:\windows\Installer
2014-08-13 13:50:15 ----RD---- C:\Program Files (x86)
2014-08-13 13:50:15 ----HD---- C:\ProgramData
2014-08-13 13:42:46 ----D---- C:\Users\JanaS\AppData\Roaming\Seznam.cz
2014-08-13 13:41:37 ----AD---- C:\Windows
2014-08-13 13:41:32 ----SHD---- C:\System Volume Information
2014-08-13 13:41:13 ----D---- C:\Program Files (x86)\Common Files
2014-08-13 13:38:58 ----D---- C:\ProgramData\Skype
2014-08-13 13:37:38 ----D---- C:\windows\system32\Tasks
2014-08-13 13:37:33 ----D---- C:\windows\Tasks
2014-08-13 13:37:17 ----D---- C:\Users\JanaS\AppData\Roaming\systweak
2014-08-13 09:18:10 ----D---- C:\windows\system32\catroot2
2014-07-29 10:36:48 ----RD---- C:\Program Files
2014-07-29 10:32:02 ----D---- C:\windows\system32\drivers
2014-07-29 10:30:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-29 10:25:07 ----D---- C:\Temp
2014-07-29 10:16:14 ----D---- C:\ProgramData\Norton
2014-07-29 09:08:52 ----D---- C:\windows\Logs
2014-07-29 08:48:00 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-29 08:47:58 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-28 15:33:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-22 16:06:50 ----D---- C:\Users\JanaS\AppData\Roaming\PCDr
2014-07-15 14:21:41 ----D---- C:\Projection
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-12-05 28600]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-07-29 486192]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2014-06-24 117712]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2007-11-22 11576]
R3 Acceler;Accelerometer Service; C:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
R3 AMPPAL;Virtuבlnם adaptיr Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-05-19 53248]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 282624]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-06-10 1591936]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
R3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 91648]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 86016]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-04 8604672]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-22 452200]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-30 1439280]
R3 tihub3;TI USB3 Hub Service; C:\windows\system32\DRIVERS\tihub3.sys [2011-07-21 136000]
R3 tixhci;TI XHCI Service; C:\windows\system32\DRIVERS\tixhci.sys [2011-07-21 406336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\windows\System32\Drivers\ANGELNT.SYS []
S2 DgiVecp;DgiVecp; \??\C:\windows\system32\Drivers\DgiVecp.sys [2009-03-07 53816]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2012-07-26 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2012-07-26 27760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-12-02 250984]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2011-12-16 15672]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 – Licenčná služba; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2009-04-27 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-06-24 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2011-05-12 200320]
R2 CxUtilSvc;Conexant Utility Service; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [2011-06-24 28288]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-09-29 249856]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2010-12-29 440144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-07-28 1517328]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-11-24 127800]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-23 326168]
R2 lxdq_device;lxdq_device; C:\windows\system32\lxdqcoms.exe [2007-11-28 1039872]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-03-05 230416]
R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2014-03-27 581568]
R2 Printer Control;Printer Control; C:\windows\system32\PrintCtrl.exe [2012-10-21 121856]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-07-28 844560]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-21 689472]
R2 Soda PDF 5 Helper Service;Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [2013-01-29 1069408]
R2 Soda PDF 5 Service;Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [2013-01-29 794464]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-23 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-12-03 3143472]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-04-02 1831424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-04-17 1716264]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-04-17 861736]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-12-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Yandex
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Yandex
Zdravim a pekne poledne preji 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Zdravim, posielam log z toho prveho:
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by JanaS on 15.08.2014 at 9:31:11,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\sweetim bundle by sweetpacks
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A5F91344-8569-4BAA-A2BA-8BA64FFDDD42}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
~~~ Files
Successfully deleted: [File] "C:\Users\JanaS\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully deleted: [File] C:\windows\syswow64\sho2F08.tmp
Successfully deleted: [File] C:\windows\syswow64\sho5F20.tmp
Successfully deleted: [File] C:\windows\syswow64\sho7C8B.tmp
Successfully deleted: [File] C:\windows\syswow64\shoC24A.tmp
Successfully deleted: [File] C:\windows\syswow64\shoF163.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\JanaS\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\windows\syswow64\jmdp"
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{00ADB779-6DD1-4495-81BE-407DEA133525}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{01B10677-470E-496C-B4F8-34C5B78D899B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0363B0F9-B818-426B-887E-7D45033F5CDD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0685966D-23B3-4D1F-AE69-A8BD75E52D00}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0A7836FA-7A19-4A44-BDB3-A01915D6F16B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0BFC7F58-3EDF-422E-B37C-CE0FD5D9D966}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0F3BE713-86CF-49ED-9D4E-AB7A8967FED4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{10BE3BFA-23B0-43B0-817A-73B52D5D0DBA}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{17974F15-9749-4545-AB9D-D448903EF57E}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{1936088C-57B5-4CCB-9B52-14AA30247D6E}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{19F5D9A9-5E20-49DC-84E5-A42D623467F4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{1BCB0C67-4729-4815-B874-9EFEB75D7B8D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{23C3ECB3-29BA-4D4C-9555-13D30365FF29}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{27A4F034-7FBE-423B-8D45-5F0097224CC7}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{27D1D669-1B4A-40C2-9CF0-7EAEBE02024C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{299C9F67-3E4E-4368-9054-25B9A4C27B78}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{2C2C3134-08E6-433B-BEC4-5972CFEE2B33}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{2FD353C1-415E-47DC-B84E-A6DCB5130D3D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{34BAF313-9859-4790-BDBA-D230E88C7B11}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{36AE7001-F5C7-420E-AF9A-6AEE2E64AEDC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{372A4178-629A-4C6C-97AB-5E637E3B1C59}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{3830296A-A693-4C3F-B77B-436F439626EF}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{3C59AA1C-382B-4581-9049-B8B0CF688125}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{412940E1-59F2-46D2-9A05-0B509CCAA26C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4463C265-77B7-4087-8E6F-8175B8DCFA4C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{463234F3-C53F-4876-9760-95927D69345B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{470111E4-72CA-4F7F-80CA-C8954D82CDCD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{49D3A7A7-9545-4270-BE5A-035607EE4DB0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4CF2E20A-18EE-4DAC-A20F-A0C15E611AE7}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4E07E7EA-ECDC-4739-9FE7-5660FAF21D62}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{50B68086-A3AE-485F-8D08-6A1B3AC08C06}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{54B74E37-B781-4CB4-AC09-B8F2B657FF4C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{56E3FC9D-D42A-44F7-A6EC-71E26DB9AE37}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{584F2AA6-EB93-48E3-8A96-F2AC93324824}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{60339DFC-D0E5-4613-A9D5-F645727838AD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6038125C-7F02-40B6-ACDF-8B07CD8CF8FB}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{62AFA92D-1B24-4113-8A72-413F5F480E9A}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{62BF6B88-F5B6-4BEF-B87B-5A7B6EA82102}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6679E891-95CA-4D81-94E4-137B929CFD1B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6AA57071-BD2A-4B10-84BD-03E810C8AF67}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6F57FDFC-5392-43BA-A277-815D8BE9A80D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{72F340C2-DD79-46C8-B670-FA529FC86399}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{73515DE1-7575-4222-98FA-2100DD0D5377}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{74EC02AE-C06D-4A01-8B48-8E30BD289801}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7830FB18-0F0D-4693-A79D-49B87F475F8C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7BA39CD0-2013-42BA-A599-6633FB1A7D12}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7BF96B29-C229-44F3-8A2C-E3F73DADD856}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7D12010C-20C4-4F34-A26B-3B3BDA989BE8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{82F145AB-7DB9-4A51-AD7C-66C17DBC05C6}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{83F1F8DD-61CA-4C36-9C1C-FA9219747195}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8CB24B1F-8844-41AF-8007-9E8B57BDA4C4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8E705B62-5122-4C8A-967C-3541C0FC768A}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8FDD1BFC-1D30-4767-811B-16694F7169E4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{90386F33-EB3A-47BE-BE04-451D97681A83}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{9244C9AD-28BE-408E-B5D8-6B9680D9FA38}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{938C5F4D-C3FA-4520-AC6C-C18EE705689D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{963A503C-BD67-41BB-B211-25526BAC47DC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{96E0C120-9D36-461B-B040-B0FA09B0532F}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{9FE37C27-9926-4F7B-A0BF-28FE88E6E265}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A0397EE3-83F4-4155-BBA1-649761E52796}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A3063EA0-5622-4FF4-B420-73C73C349A2B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A46CB6BC-CFA2-471B-9FB9-0DED40EDB09C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A761B6EB-1F77-4BA2-B342-9C109755E315}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A819A098-F9F1-402F-87B6-998FF093749B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A99E79DC-CBFF-40FE-B6E9-55F6C8192C87}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AA36ADE3-DB50-47B9-9997-F84296FCAD52}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AA9B1243-FE5C-49C9-A0EE-9E5201A5BA53}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AFE80181-015E-4B30-BD3B-344293F02407}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BA4999B1-48F9-4FC0-8329-0B0E89F09029}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BCA0AB69-3C54-437F-92F5-43C9F94D0C53}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BEA40970-C7AA-4872-B002-A1EB6207112B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{C3A1765B-83F4-40F3-B599-220742C87F54}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{CDD378C7-DD1C-45E8-886E-3E15F6DEFB1C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{CF4B6A6F-3FDB-455D-B6C8-E77A19F9F119}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D0990EEA-6D91-4841-B9AA-E86E178E79F0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D236D766-DE50-4C6A-8847-BCC4B919C416}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D6EDAA44-5599-4694-AE21-D997391E2422}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D77FC2D3-3FD7-4995-9293-0B0E125C2CC5}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D8F2DE01-B4AB-4E15-ADC0-B54EA5818F6C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D931A957-D0E2-4A2B-9986-08759F5136E0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DD124585-9D44-48AB-A04B-B836C51194FC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DDD3491E-2D8D-4329-9375-197E185592A3}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DEF59407-0186-4C01-B1DD-B5FDE5D3CF51}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E3E9381B-80DB-4A66-89F9-A0463986BB25}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E423255A-9EF0-4B61-A6E6-6D4060F8764B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E5E316CB-A364-4CE6-B94E-D8C0382F82E8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E975EB11-F3AF-4E19-8763-A4B86A39FC58}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E9F368CF-9028-4F96-B3B9-92EC16D32ECB}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{EE496944-2941-48F8-8114-1425585A70DA}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F264168A-7648-4D92-AB9B-A53D6D213341}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F2860148-73FB-450B-BD18-0F3CEC06BCA8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F31545B0-CCB2-448A-A45B-D738A763516B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F409FF15-7DAD-4154-A4B9-9FCC787C2C5B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FB99BBBB-9DB8-4321-A88B-25DFA89A6B48}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FBA000AE-47D9-4D15-B71D-0B2A295E0E7D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FE85EE33-E750-4C2F-8528-736B35C5DA76}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FF9F672C-C2AF-43F7-B53E-A4AA98B1A7CF}
~~~ FireFox
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\user.js
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\ask-web-search.xml
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\prefs.js
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 49-221&t=4");
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C1292572-75E5-425A-89EE-FB3D631DADDE&n=77fd031f&p2=^XP^xdm018^YYA^sk&si=
user_pref("extensions.toolbar.mindspark._64Members_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._64Members_.installation.installDate", "2013070111");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerId", "^XP^xdm018^YYA^sk");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerSubId", "COuFw-H_jbgCFQtY3godY3cA7Q");
user_pref("extensions.toolbar.mindspark._64Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.toolbarId", "C1292572-75E5-425A-89EE-FB3D631DADDE");
user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1372693995073");
user_pref("extensions.toolbar.mindspark._64Members_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "televisionfanatic@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");
user_pref("extensions.yasearch@yandex.ru.defender.homepage.protected", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 49-221&t=4");
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=418&systemid=406&v=a12349-221&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3563933023284136&o=APN10645&q="
Emptied folder: C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\minidumps [77 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.08.2014 at 9:48:13,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by JanaS on 15.08.2014 at 9:31:11,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\sweetim bundle by sweetpacks
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A5F91344-8569-4BAA-A2BA-8BA64FFDDD42}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d1dac034-9fd9-4c13-a388-d2e10e57707f}
~~~ Files
Successfully deleted: [File] "C:\Users\JanaS\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully deleted: [File] C:\windows\syswow64\sho2F08.tmp
Successfully deleted: [File] C:\windows\syswow64\sho5F20.tmp
Successfully deleted: [File] C:\windows\syswow64\sho7C8B.tmp
Successfully deleted: [File] C:\windows\syswow64\shoC24A.tmp
Successfully deleted: [File] C:\windows\syswow64\shoF163.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\JanaS\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Users\JanaS\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\windows\syswow64\jmdp"
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{00ADB779-6DD1-4495-81BE-407DEA133525}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{01B10677-470E-496C-B4F8-34C5B78D899B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0363B0F9-B818-426B-887E-7D45033F5CDD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0685966D-23B3-4D1F-AE69-A8BD75E52D00}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0A7836FA-7A19-4A44-BDB3-A01915D6F16B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0BFC7F58-3EDF-422E-B37C-CE0FD5D9D966}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{0F3BE713-86CF-49ED-9D4E-AB7A8967FED4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{10BE3BFA-23B0-43B0-817A-73B52D5D0DBA}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{17974F15-9749-4545-AB9D-D448903EF57E}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{1936088C-57B5-4CCB-9B52-14AA30247D6E}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{19F5D9A9-5E20-49DC-84E5-A42D623467F4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{1BCB0C67-4729-4815-B874-9EFEB75D7B8D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{23C3ECB3-29BA-4D4C-9555-13D30365FF29}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{27A4F034-7FBE-423B-8D45-5F0097224CC7}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{27D1D669-1B4A-40C2-9CF0-7EAEBE02024C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{299C9F67-3E4E-4368-9054-25B9A4C27B78}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{2C2C3134-08E6-433B-BEC4-5972CFEE2B33}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{2FD353C1-415E-47DC-B84E-A6DCB5130D3D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{34BAF313-9859-4790-BDBA-D230E88C7B11}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{36AE7001-F5C7-420E-AF9A-6AEE2E64AEDC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{372A4178-629A-4C6C-97AB-5E637E3B1C59}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{3830296A-A693-4C3F-B77B-436F439626EF}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{3C59AA1C-382B-4581-9049-B8B0CF688125}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{412940E1-59F2-46D2-9A05-0B509CCAA26C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4463C265-77B7-4087-8E6F-8175B8DCFA4C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{463234F3-C53F-4876-9760-95927D69345B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{470111E4-72CA-4F7F-80CA-C8954D82CDCD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{49D3A7A7-9545-4270-BE5A-035607EE4DB0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4CF2E20A-18EE-4DAC-A20F-A0C15E611AE7}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{4E07E7EA-ECDC-4739-9FE7-5660FAF21D62}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{50B68086-A3AE-485F-8D08-6A1B3AC08C06}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{54B74E37-B781-4CB4-AC09-B8F2B657FF4C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{56E3FC9D-D42A-44F7-A6EC-71E26DB9AE37}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{584F2AA6-EB93-48E3-8A96-F2AC93324824}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{60339DFC-D0E5-4613-A9D5-F645727838AD}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6038125C-7F02-40B6-ACDF-8B07CD8CF8FB}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{62AFA92D-1B24-4113-8A72-413F5F480E9A}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{62BF6B88-F5B6-4BEF-B87B-5A7B6EA82102}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6679E891-95CA-4D81-94E4-137B929CFD1B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6AA57071-BD2A-4B10-84BD-03E810C8AF67}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{6F57FDFC-5392-43BA-A277-815D8BE9A80D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{72F340C2-DD79-46C8-B670-FA529FC86399}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{73515DE1-7575-4222-98FA-2100DD0D5377}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{74EC02AE-C06D-4A01-8B48-8E30BD289801}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7830FB18-0F0D-4693-A79D-49B87F475F8C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7BA39CD0-2013-42BA-A599-6633FB1A7D12}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7BF96B29-C229-44F3-8A2C-E3F73DADD856}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{7D12010C-20C4-4F34-A26B-3B3BDA989BE8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{82F145AB-7DB9-4A51-AD7C-66C17DBC05C6}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{83F1F8DD-61CA-4C36-9C1C-FA9219747195}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8CB24B1F-8844-41AF-8007-9E8B57BDA4C4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8E705B62-5122-4C8A-967C-3541C0FC768A}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{8FDD1BFC-1D30-4767-811B-16694F7169E4}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{90386F33-EB3A-47BE-BE04-451D97681A83}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{9244C9AD-28BE-408E-B5D8-6B9680D9FA38}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{938C5F4D-C3FA-4520-AC6C-C18EE705689D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{963A503C-BD67-41BB-B211-25526BAC47DC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{96E0C120-9D36-461B-B040-B0FA09B0532F}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{9FE37C27-9926-4F7B-A0BF-28FE88E6E265}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A0397EE3-83F4-4155-BBA1-649761E52796}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A3063EA0-5622-4FF4-B420-73C73C349A2B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A46CB6BC-CFA2-471B-9FB9-0DED40EDB09C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A761B6EB-1F77-4BA2-B342-9C109755E315}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A819A098-F9F1-402F-87B6-998FF093749B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{A99E79DC-CBFF-40FE-B6E9-55F6C8192C87}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AA36ADE3-DB50-47B9-9997-F84296FCAD52}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AA9B1243-FE5C-49C9-A0EE-9E5201A5BA53}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{AFE80181-015E-4B30-BD3B-344293F02407}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BA4999B1-48F9-4FC0-8329-0B0E89F09029}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BCA0AB69-3C54-437F-92F5-43C9F94D0C53}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{BEA40970-C7AA-4872-B002-A1EB6207112B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{C3A1765B-83F4-40F3-B599-220742C87F54}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{CDD378C7-DD1C-45E8-886E-3E15F6DEFB1C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{CF4B6A6F-3FDB-455D-B6C8-E77A19F9F119}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D0990EEA-6D91-4841-B9AA-E86E178E79F0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D236D766-DE50-4C6A-8847-BCC4B919C416}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D6EDAA44-5599-4694-AE21-D997391E2422}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D77FC2D3-3FD7-4995-9293-0B0E125C2CC5}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D8F2DE01-B4AB-4E15-ADC0-B54EA5818F6C}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{D931A957-D0E2-4A2B-9986-08759F5136E0}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DD124585-9D44-48AB-A04B-B836C51194FC}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DDD3491E-2D8D-4329-9375-197E185592A3}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{DEF59407-0186-4C01-B1DD-B5FDE5D3CF51}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E3E9381B-80DB-4A66-89F9-A0463986BB25}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E423255A-9EF0-4B61-A6E6-6D4060F8764B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E5E316CB-A364-4CE6-B94E-D8C0382F82E8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E975EB11-F3AF-4E19-8763-A4B86A39FC58}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{E9F368CF-9028-4F96-B3B9-92EC16D32ECB}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{EE496944-2941-48F8-8114-1425585A70DA}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F264168A-7648-4D92-AB9B-A53D6D213341}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F2860148-73FB-450B-BD18-0F3CEC06BCA8}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F31545B0-CCB2-448A-A45B-D738A763516B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{F409FF15-7DAD-4154-A4B9-9FCC787C2C5B}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FB99BBBB-9DB8-4321-A88B-25DFA89A6B48}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FBA000AE-47D9-4D15-B71D-0B2A295E0E7D}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FE85EE33-E750-4C2F-8528-736B35C5DA76}
Successfully deleted: [Empty Folder] C:\Users\JanaS\appdata\local\{FF9F672C-C2AF-43F7-B53E-A4AA98B1A7CF}
~~~ FireFox
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\user.js
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\ask-web-search.xml
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\prefs.js
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 49-221&t=4");
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C1292572-75E5-425A-89EE-FB3D631DADDE&n=77fd031f&p2=^XP^xdm018^YYA^sk&si=
user_pref("extensions.toolbar.mindspark._64Members_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._64Members_.installation.installDate", "2013070111");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerId", "^XP^xdm018^YYA^sk");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerSubId", "COuFw-H_jbgCFQtY3godY3cA7Q");
user_pref("extensions.toolbar.mindspark._64Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.toolbarId", "C1292572-75E5-425A-89EE-FB3D631DADDE");
user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1372693995073");
user_pref("extensions.toolbar.mindspark._64Members_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "televisionfanatic@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");
user_pref("extensions.yasearch@yandex.ru.defender.homepage.protected", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 49-221&t=4");
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=418&systemid=406&v=a12349-221&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3563933023284136&o=APN10645&q="
Emptied folder: C:\Users\JanaS\AppData\Roaming\mozilla\firefox\profiles\16yut7sw.default\minidumps [77 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.08.2014 at 9:48:13,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Yandex
Supr, tak to jeste projedte AdwCleanerem a log pak opet sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Tu to je:
# AdwCleaner v3.305 - Report created 15/08/2014 at 10:07:52
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : JanaS - JANAS-PC
# Running from : C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Users\JanaS\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\JanaS\AppData\Local\iLivid
Folder Deleted : C:\Users\JanaS\AppData\Local\Softonic
Folder Deleted : C:\Users\JanaS\AppData\Local\somotomoviestoolbar1
Folder Deleted : C:\Users\JanaS\AppData\Local\torch
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\ilividmoviestoolbar181
Folder Deleted : C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
File Deleted : C:\windows\System32\dmwu.exe
File Deleted : C:\windows\System32\ImhxxpComm.dll
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\JanaS\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\JanaS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
***** [ Scheduled Tasks ] *****
Task Deleted : BrowserProtect
Task Deleted : EPUpdater
Task Deleted : SomotoUpdateCheckerAutoStart
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetImSetup (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetImSetup (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\ilividmoviestoolbar181
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16611
-\\ Mozilla Firefox v31.0 (x86 sk)
[ File : C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js ]
Line Deleted : user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini webpages to visit a site. You can customize the n[...]
-\\ Google Chrome v36.0.1985.125
[ File : C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=415&systemid=406&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.babylon.com/?q={searchTerms}&affID=119816&babsrc=SP_ss_gr&mntrId=7C4E4C80933412E2
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ARS&o=15084&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=AG&apn_dtid=YYYYYYYYSK&apn_uid=8d515ec3-3ac8-4914-a225-544fe5a40968&apn_sauid=EE3E8DFF-9AA8-40DC-9605-A662683158FD
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 80933412E2
Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={1B451E9E-26EF-48B9-8566-8072A61597EE}
Deleted [Extension] : aaaaimdcedbpbcjjbbnfcbbjcngmomic
*************************
AdwCleaner[R0].txt - [14662 octets] - [15/08/2014 09:52:58]
AdwCleaner[S0].txt - [12650 octets] - [15/08/2014 10:07:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12711 octets] ##########
# AdwCleaner v3.305 - Report created 15/08/2014 at 10:07:52
# Updated 14/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : JanaS - JANAS-PC
# Running from : C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Users\JanaS\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\JanaS\AppData\Local\iLivid
Folder Deleted : C:\Users\JanaS\AppData\Local\Softonic
Folder Deleted : C:\Users\JanaS\AppData\Local\somotomoviestoolbar1
Folder Deleted : C:\Users\JanaS\AppData\Local\torch
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\JanaS\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\ilividmoviestoolbar181
Folder Deleted : C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
File Deleted : C:\windows\System32\dmwu.exe
File Deleted : C:\windows\System32\ImhxxpComm.dll
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\JanaS\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\JanaS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
***** [ Scheduled Tasks ] *****
Task Deleted : BrowserProtect
Task Deleted : EPUpdater
Task Deleted : SomotoUpdateCheckerAutoStart
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetImSetup (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetImSetup (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\ilividmoviestoolbar181
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16611
-\\ Mozilla Firefox v31.0 (x86 sk)
[ File : C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js ]
Line Deleted : user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini webpages to visit a site. You can customize the n[...]
-\\ Google Chrome v36.0.1985.125
[ File : C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=415&systemid=406&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.babylon.com/?q={searchTerms}&affID=119816&babsrc=SP_ss_gr&mntrId=7C4E4C80933412E2
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ARS&o=15084&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=AG&apn_dtid=YYYYYYYYSK&apn_uid=8d515ec3-3ac8-4914-a225-544fe5a40968&apn_sauid=EE3E8DFF-9AA8-40DC-9605-A662683158FD
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 80933412E2
Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={1B451E9E-26EF-48B9-8566-8072A61597EE}
Deleted [Extension] : aaaaimdcedbpbcjjbbnfcbbjcngmomic
*************************
AdwCleaner[R0].txt - [14662 octets] - [15/08/2014 09:52:58]
AdwCleaner[S0].txt - [12650 octets] - [15/08/2014 10:07:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12711 octets] ##########
Re: Yandex
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Zoek.exe v5.0.0.0 Updated 13-08-2014
Tool run by JanaS on 15.08.2014 at 14:35:58,39.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JanaS\Downloads\zoek(1)\zoek.com [Scan all users] [Script inserted]
==== System Restore Info ======================
15.08.2014 14:47:02 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A2D5EBA-F86D-4BD3-A177-019765996711} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFSodaPDF5Converter@sodapdf.com deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "yafd:tabs");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
user.js not found
---- Lines Search removed from prefs.js ----
user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini
---- Lines FFSodaPDF5Converter@sodapdf.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"otis@digitalpersona.com\":{\"descriptor\":\"C:\\\\Program Files (
---- FireFox user.js and prefs.js backups ----
prefs__1502_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Wondershare deleted
C:\setup.exe deleted
C:\found.000 deleted
C:\Users\JanaS\AppData\Roaming\Wondershare deleted
C:\Users\JanaS\MobilityManager.tmp deleted
C:\PROGRA~3\SPL6E7D.tmp deleted
C:\Users\JanaS\AppData\Local\Wondershare deleted
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\JanaS\Downloads\iLividSetup-r1328-t-bf(1).exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r1328-t-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r1329-t-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r418-n-bf(1).exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r418-n-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup.exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (1).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (2).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (3).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (4).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (5).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup.exe deleted
C:\Users\JanaS\Downloads\FreeZipSetup-37cB5oY.exe deleted
C:\Users\JanaS\Searches deleted
C:\Users\JanaS\Downloads\SoftonicDownloader_for_pdf-xchange-viewer.exe deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\JanaS\autorun.exe deleted
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} deleted
"C:\windows\Installer\fbedb2.msi" deleted
"C:\windows\Installer\324b69.msi" deleted
"C:\windows\Installer\324b5d.msi" deleted
"C:\windows\Installer\324b63.msi" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [27.11.2011 19:01]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [28.03.2014 15:07]
==== Firefox Extensions ======================
ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- Re§im ECHO je vypnut. - %ProfilePath%\extensions\vb@yandex.ru
- Yandex Elements - %ProfilePath%\extensions\yasearch@yandex.ru
- Ask New Tabs - %ProfilePath%\extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
5CB01CF141E021DAAE96991A5BA57944 - C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
3914DFA00A2B8FAC8E14D2084BD456B4 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer
2F4781F84C92E8C4B1586E47A78E8A61 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
Seznam Li\u0161ti\u010Dka - Email - JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Rychlá volba - JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Chromium Startpages ======================
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Preferences
{"default_search_provider_data":{"template_url_data":{"search_terms_replacement_key":"","search_url_post_params":"","suggestions_url_post_params":"","id":"5","short_name":"Yandex","keyword":"yandex.ru","favicon_url":"http://www.yandex.ru/favicon.ico","url" ... _encodings":["UTF-8"]}},"ntp":{"shown_sections":64,"shown_page":1024},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?win=135&clid=1989 ... artup_urls":["http://www.yandex.ru/?win=135&clid=1989595"]},"browser":{"show_home_button":true}}
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.yandex.ru/?win=135&clid=1989595",
==== Chrome Fix ======================
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yandex.ru/?win=135&clid=1989595"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="http://yandex.ru/yandsearch?win=135&cli ... 99&text=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yandex.ru/?win=135&clid=1989595"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{22F7B5AE-5FB4-4153-BC48-FBFB7D8FDBA8} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
==== Reset Google Chrome ======================
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences was reset successfully
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HandyUpdater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181FF deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1CR deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1IE deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HypoUverSqlSvc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HypoUverSqlSvc.JanaS-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JanaS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JanaS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\JanaS\AppData\Local\Mozilla\Firefox\Profiles\16yut7sw.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2090 folders=164 378479209 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HypoUverSqlSvc\AppData\Local\Temp emptied successfully
C:\Users\HypoUverSqlSvc.JanaS-PC\AppData\Local\Temp emptied successfully
C:\Users\JanaS\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\JanaS\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\JanaS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\29GBHQXC\bbcdn-bbnaut.ibillboard.com" not found
"C:\Users\JanaS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\29GBHQXC\inres.uspech.sk" not found
==== EOF on 15.08.2014 at 15:26:13,70 ======================
Tool run by JanaS on 15.08.2014 at 14:35:58,39.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JanaS\Downloads\zoek(1)\zoek.com [Scan all users] [Script inserted]
==== System Restore Info ======================
15.08.2014 14:47:02 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A2D5EBA-F86D-4BD3-A177-019765996711} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFSodaPDF5Converter@sodapdf.com deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "yafd:tabs");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
user.js not found
---- Lines Search removed from prefs.js ----
user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini
---- Lines FFSodaPDF5Converter@sodapdf.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"otis@digitalpersona.com\":{\"descriptor\":\"C:\\\\Program Files (
---- FireFox user.js and prefs.js backups ----
prefs__1502_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Wondershare deleted
C:\setup.exe deleted
C:\found.000 deleted
C:\Users\JanaS\AppData\Roaming\Wondershare deleted
C:\Users\JanaS\MobilityManager.tmp deleted
C:\PROGRA~3\SPL6E7D.tmp deleted
C:\Users\JanaS\AppData\Local\Wondershare deleted
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\JanaS\Downloads\iLividSetup-r1328-t-bf(1).exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r1328-t-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r1329-t-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r418-n-bf(1).exe deleted
C:\Users\JanaS\Downloads\iLividSetup-r418-n-bf.exe deleted
C:\Users\JanaS\Downloads\iLividSetup.exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (1).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (2).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (3).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (4).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup (5).exe deleted
C:\Users\JanaS\Downloads\sweetimsetup.exe deleted
C:\Users\JanaS\Downloads\FreeZipSetup-37cB5oY.exe deleted
C:\Users\JanaS\Searches deleted
C:\Users\JanaS\Downloads\SoftonicDownloader_for_pdf-xchange-viewer.exe deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\JanaS\autorun.exe deleted
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} deleted
"C:\windows\Installer\fbedb2.msi" deleted
"C:\windows\Installer\324b69.msi" deleted
"C:\windows\Installer\324b5d.msi" deleted
"C:\windows\Installer\324b63.msi" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [27.11.2011 19:01]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [28.03.2014 15:07]
==== Firefox Extensions ======================
ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- Re§im ECHO je vypnut. - %ProfilePath%\extensions\vb@yandex.ru
- Yandex Elements - %ProfilePath%\extensions\yasearch@yandex.ru
- Ask New Tabs - %ProfilePath%\extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
5CB01CF141E021DAAE96991A5BA57944 - C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
3914DFA00A2B8FAC8E14D2084BD456B4 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer
2F4781F84C92E8C4B1586E47A78E8A61 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
Seznam Li\u0161ti\u010Dka - Email - JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Rychlá volba - JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Chromium Startpages ======================
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Preferences
{"default_search_provider_data":{"template_url_data":{"search_terms_replacement_key":"","search_url_post_params":"","suggestions_url_post_params":"","id":"5","short_name":"Yandex","keyword":"yandex.ru","favicon_url":"http://www.yandex.ru/favicon.ico","url" ... _encodings":["UTF-8"]}},"ntp":{"shown_sections":64,"shown_page":1024},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?win=135&clid=1989 ... artup_urls":["http://www.yandex.ru/?win=135&clid=1989595"]},"browser":{"show_home_button":true}}
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.yandex.ru/?win=135&clid=1989595",
==== Chrome Fix ======================
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yandex.ru/?win=135&clid=1989595"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="http://yandex.ru/yandsearch?win=135&cli ... 99&text=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yandex.ru/?win=135&clid=1989595"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{22F7B5AE-5FB4-4153-BC48-FBFB7D8FDBA8} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
==== Reset Google Chrome ======================
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences was reset successfully
C:\Users\JanaS\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HandyUpdater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181FF deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1CR deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1IE deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HypoUverSqlSvc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HypoUverSqlSvc.JanaS-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JanaS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JanaS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\JanaS\AppData\Local\Mozilla\Firefox\Profiles\16yut7sw.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JanaS\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2090 folders=164 378479209 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HypoUverSqlSvc\AppData\Local\Temp emptied successfully
C:\Users\HypoUverSqlSvc.JanaS-PC\AppData\Local\Temp emptied successfully
C:\Users\JanaS\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\JanaS\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\JanaS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\29GBHQXC\bbcdn-bbnaut.ibillboard.com" not found
"C:\Users\JanaS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\29GBHQXC\inres.uspech.sk" not found
==== EOF on 15.08.2014 at 15:26:13,70 ======================
Re: Yandex
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by JanaS (administrator) on JANAS-PC on 21-08-2014 11:31:13
Running from C:\Users\JanaS\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(HP) C:\Windows\System32\HPSIsvc.exe
( ) C:\Windows\System32\lxdqcoms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BL) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google) C:\Users\JanaS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1573504 2011-06-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780968 2011-04-30] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [PrintDisp] => C:\windows\system32\PrintDisp.exe [870400 2012-10-29] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Google Update] => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Handy Updater] => C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [370176 2013-07-05] ()
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [939272 2009-05-09] (ABBYY)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {3bb3f95f-d6ef-11e1-a153-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {5cf0104f-2bd3-11e1-b734-4c80933412e5} - D:\AutoRun.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {81bb1a14-6246-11e3-afb8-4c80933412e5} - E:\SISetup.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {bbe9a83b-dea1-11e3-b5b7-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {f79c5f4e-92f4-11e3-926d-4c80933412e5} - E:\LGAutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ING eKalkulačka.lnk
ShortcutTarget: ING eKalkulačka.lnk -> C:\Users\JanaS\ING_eKalkulacka_OVB_SK\run.cmd ()
Startup: C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {22F7B5AE-5FB4-4153-BC48-FBFB7D8FDBA8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Soda PDF 5 IE Helper -> {C737F472-1193-4281-BF53-A00B67AB3E19} -> C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Hosts: Hosts file not detected in the default directory
Tcpip\..\Interfaces\{71E231D9-C0F9-44A0-9AFF-BD84F1730C17}: [NameServer]213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{D9365ED9-A4C9-4F8F-911A-4668A0D1E2A7}: [NameServer]0.0.0.0
Tcpip\..\Interfaces\{E06DED20-37EE-43C3-BCD7-9EFE48F515CA}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\JanaS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\JanaS\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Avira Browser Safety - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com [2014-07-13]
FF Extension: Візуальныя закладкі - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru [2014-08-13]
FF Extension: Кампанент "Элементы Яндекса" - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru [2014-08-13]
FF Extension: Ask New Tabs - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} [2014-05-08]
FF Extension: Seznam lištička - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-11-27]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-28]
Chrome:
=======
CHR Extension: (No Name) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-01-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-10-20]
CHR Extension: (Google Wallet) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-10-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-04-27] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [28288 2011-06-24] (Conexant Systems, Inc.)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [249856 2010-09-29] () [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
S3 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [1831424 2012-04-02] (Google) [File not signed]
R2 lxdq_device; C:\windows\system32\lxdqcoms.exe [1039872 2007-11-28] ( ) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-05] (Nitro PDF Software)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-17] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-17] (pdfforge GmbH)
R2 Printer Control; C:\windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1069408 2013-01-29] (LULU Software)
R2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [794464 2013-01-29] (LULU Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [53816 2009-03-07] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-29] (Symantec Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15672 2011-12-16] ()
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 11:31 - 2014-08-21 11:33 - 00027308 _____ () C:\Users\JanaS\Downloads\FRST.txt
2014-08-21 11:30 - 2014-08-21 11:31 - 00000000 ____D () C:\FRST
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00001142 _____ () C:\Users\JanaS\Desktop\FRST64 – zástupce.lnk
2014-08-21 11:12 - 2014-08-21 11:12 - 02101760 _____ (Farbar) C:\Users\JanaS\Downloads\FRST64.exe
2014-08-21 10:27 - 2014-08-21 10:27 - 00000000 ____D () C:\Users\JanaS\AppData\Local\{E3323054-1917-4164-93D0-36FCE9C6B178}
2014-08-21 09:59 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-21 09:59 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-21 09:59 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-21 09:59 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-21 09:59 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-21 09:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-20 16:14 - 2014-08-20 16:16 - 22749696 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Desktop\Flexi Dividenda 2014.exe
2014-08-20 13:20 - 2014-08-20 13:22 - 00000000 ____D () C:\Users\JanaS\Desktop\fotky
2014-08-18 16:19 - 2014-08-18 16:19 - 00001135 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 10:32 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-18 10:32 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-18 10:32 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-18 10:32 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-18 10:32 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-18 10:32 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-18 10:32 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-18 10:32 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-18 10:08 - 2014-08-18 10:09 - 00000000 ____D () C:\Users\JanaS\Desktop\EL-Bracha_vykazy
2014-08-18 10:05 - 2014-08-18 10:08 - 00000000 ____D () C:\Users\JanaS\Desktop\ziadosti banky
2014-08-15 15:13 - 2014-08-18 16:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-15 15:12 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-15 14:46 - 2014-08-15 15:26 - 00015388 _____ () C:\zoek-results.log
2014-08-15 14:30 - 2014-08-15 15:06 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:30 - 2014-08-15 14:39 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:28 - 2014-08-15 14:29 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-15 09:52 - 2014-08-15 10:10 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:51 - 2014-08-15 09:52 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:43 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-15 09:43 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-15 09:41 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-15 09:41 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-15 09:41 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-15 09:39 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-15 09:39 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-15 09:39 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-15 09:39 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-15 09:39 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-15 09:32 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-15 09:32 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:20 - 2014-08-15 09:23 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
2014-08-13 13:25 - 2014-08-13 13:25 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\dvdcss
2014-08-13 13:24 - 2014-08-13 13:44 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\vlc
2014-08-13 13:23 - 2014-08-13 13:23 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 13:23 - 2014-08-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 13:22 - 2014-08-13 13:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 12:11 - 2014-08-13 13:15 - 24677393 _____ () C:\Users\JanaS\Downloads\vlc-2.1.3-win32.exe
2014-08-13 11:52 - 2014-08-13 11:52 - 04277239 _____ () C:\Users\JanaS\Downloads\dodatky.zip
2014-08-13 09:12 - 2014-08-18 10:09 - 00000000 ____D () C:\Users\JanaS\Documents\Kapverdy_okruh
2014-07-30 13:31 - 2014-07-30 13:32 - 13383168 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Downloads\UNI Domov a %c5%a0%c5%a5astie 8-7 2014.exe
2014-07-29 13:42 - 2014-07-29 13:43 - 880013159 _____ () C:\Users\JanaS\Downloads\foto.zip
2014-07-29 10:32 - 2009-03-07 05:30 - 00053816 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\DgivEcp.sys
2014-07-29 10:32 - 2009-03-07 05:30 - 00007036 ____N () C:\windows\SysWOW64\DgivEcp.cat
2014-07-29 10:32 - 2007-11-22 02:39 - 00036864 ____N () C:\windows\SysWOW64\SvcMan.exe
2014-07-29 10:32 - 2007-11-22 02:39 - 00007297 ____N () C:\windows\SysWOW64\SSPORT.CAT
2014-07-29 10:31 - 2009-09-03 08:14 - 01693696 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTCLR13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 01402368 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltdlg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 01009664 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Ltwvc13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00931840 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTR13N.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00760320 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltocx13n.ocx
2014-07-29 10:31 - 2009-09-03 08:14 - 00533504 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRVW13N.OCX
2014-07-29 10:31 - 2009-09-03 08:14 - 00465920 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRPR13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00453120 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltkrn13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00445440 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltimg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00406016 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFCMP13s.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00389120 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFCMP13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00326144 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRIO13N.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00265216 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTDIS13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00249856 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFJ2K13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00246272 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFJ2K13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00212480 _____ (Eastman Kodak) C:\windows\SysWOW64\PCDLIB32.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00206848 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltefx13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00187392 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Lfpng13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00182784 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Lfpng13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00158720 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Ltpnt13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00154112 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltfil13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00152064 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lftif13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00146976 _____ (Microsoft Corporation) C:\windows\SysWOW64\Mfcoleui.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00142848 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lftif13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00114176 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTOCR13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00099840 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfjbg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00090112 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfjbg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00087552 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpsd13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00086528 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lffax13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00077312 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTTLB13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00073728 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lffax13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00069632 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltbar13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00067072 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltpdg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00057856 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfeps13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00057344 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpsd13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00051712 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltlst13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00047616 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfeps13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00044032 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lttwn13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00043008 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFPNM13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00043008 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfbmp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00040448 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfiff13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00037888 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcx13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00037376 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfclp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00036864 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfani13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032768 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfitg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032768 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfimg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032256 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lttmb13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032256 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcd13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfmsp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfclp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfavi13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031232 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFPNM13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00030208 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfbmp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00027648 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfiff13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00026624 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcx13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00025600 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfani13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00020992 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfimg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcd13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfitg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfavi13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00018944 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfmsp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00000422 _____ () C:\windows\SysWOW64\ltocx13.lic
2014-07-29 10:29 - 2014-08-13 13:41 - 00000163 _____ () C:\windows\setup.log
2014-07-29 10:23 - 2014-07-29 10:23 - 155895580 _____ (Samsung ) C:\Users\JanaS\Downloads\SmarThru_4 [1].exe
2014-07-29 10:18 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Yandex
2014-07-29 10:18 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Yandex
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Opera Software
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Chromium
2014-07-29 10:16 - 2014-08-13 09:04 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for JanaS.job
2014-07-29 10:16 - 2014-07-29 10:16 - 00003610 _____ () C:\windows\System32\Tasks\Norton Security Scan for JanaS
2014-07-29 10:16 - 2014-07-29 10:16 - 00001459 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-29 10:15 - 2014-07-29 10:15 - 00000000 ____D () C:\Users\JanaS\AppData\Local\IsolatedStorage
2014-07-29 10:14 - 2014-07-29 10:36 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\ImperiaOnline
2014-07-25 13:00 - 2014-07-25 13:00 - 00191451 _____ () C:\Users\JanaS\Downloads\ACFrOgA7jT6CBlgQXe4pk52jo_zMjZ77kkuU5ghZwDnX1BSRHj4Iu89AYxBFz7BZQheUz4rWpZCeCvvK9DQqJL5GCrBuCIqGLdT1EMNphFcvGUZiDSfJuv1bny6F1vs=
2014-07-23 09:58 - 2014-07-23 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 11:33 - 2014-08-21 11:31 - 00027308 _____ () C:\Users\JanaS\Downloads\FRST.txt
2014-08-21 11:31 - 2014-08-21 11:30 - 00000000 ____D () C:\FRST
2014-08-21 11:26 - 2011-12-21 18:56 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 11:18 - 2012-02-09 14:42 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00001142 _____ () C:\Users\JanaS\Desktop\FRST64 – zástupce.lnk
2014-08-21 11:12 - 2014-08-21 11:12 - 02101760 _____ (Farbar) C:\Users\JanaS\Downloads\FRST64.exe
2014-08-21 11:02 - 2013-02-24 23:44 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 11:01 - 2012-02-18 14:53 - 00000256 _____ () C:\windows\Tasks\HP Photo Creations Messager.job
2014-08-21 10:54 - 2011-11-27 17:59 - 01729975 _____ () C:\windows\WindowsUpdate.log
2014-08-21 10:45 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 10:45 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 10:38 - 2011-11-27 19:52 - 00661420 _____ () C:\windows\system32\perfh005.dat
2014-08-21 10:38 - 2011-11-27 19:52 - 00141812 _____ () C:\windows\system32\perfc005.dat
2014-08-21 10:38 - 2009-07-14 07:13 - 01586170 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-21 10:37 - 2014-03-21 23:27 - 00000000 ____D () C:\ProgramData\firebird
2014-08-21 10:37 - 2011-12-12 17:01 - 00000271 _____ () C:\windows\lgfwup.ini
2014-08-21 10:35 - 2011-12-21 18:56 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 10:35 - 2011-12-08 14:25 - 00000000 ____D () C:\Users\JanaS\AppData\Local\SoftThinks
2014-08-21 10:34 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-21 10:33 - 2013-06-14 10:39 - 00040002 _____ () C:\windows\setupact.log
2014-08-21 10:27 - 2014-08-21 10:27 - 00000000 ____D () C:\Users\JanaS\AppData\Local\{E3323054-1917-4164-93D0-36FCE9C6B178}
2014-08-21 10:24 - 2011-12-25 20:08 - 00000000 ____D () C:\Users\JanaS\Desktop\OVB
2014-08-21 09:52 - 2012-02-09 14:42 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job
2014-08-21 03:24 - 2013-11-20 17:12 - 00765058 _____ () C:\windows\IE11_main.log
2014-08-21 03:14 - 2013-06-01 15:14 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2014-08-20 16:16 - 2014-08-20 16:14 - 22749696 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Desktop\Flexi Dividenda 2014.exe
2014-08-20 13:53 - 2012-05-24 13:41 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-08-20 13:22 - 2014-08-20 13:20 - 00000000 ____D () C:\Users\JanaS\Desktop\fotky
2014-08-18 16:22 - 2011-12-12 20:13 - 00000000 ____D () C:\Users\JanaS\AppData\Local\CrashDumps
2014-08-18 16:20 - 2014-08-15 15:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 16:19 - 2014-08-18 16:19 - 00001135 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 16:19 - 2013-03-21 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 16:19 - 2013-03-21 17:14 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 16:11 - 2011-12-08 14:25 - 00000000 ____D () C:\Users\JanaS
2014-08-18 16:04 - 2012-06-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 10:31 - 2014-05-04 16:32 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-18 10:09 - 2014-08-18 10:08 - 00000000 ____D () C:\Users\JanaS\Desktop\EL-Bracha_vykazy
2014-08-18 10:09 - 2014-08-13 09:12 - 00000000 ____D () C:\Users\JanaS\Documents\Kapverdy_okruh
2014-08-18 10:08 - 2014-08-18 10:05 - 00000000 ____D () C:\Users\JanaS\Desktop\ziadosti banky
2014-08-15 15:26 - 2014-08-15 14:46 - 00015388 _____ () C:\zoek-results.log
2014-08-15 15:21 - 2013-06-25 09:38 - 00698978 _____ () C:\windows\PFRO.log
2014-08-15 15:13 - 2013-03-21 17:14 - 00000000 ____D () C:\ProgramData\Avira
2014-08-15 15:06 - 2014-08-15 14:30 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:50 - 2012-02-19 23:52 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 14:39 - 2014-08-15 14:30 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:29 - 2014-08-15 14:28 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 14:01 - 2011-12-25 20:30 - 04231168 _____ () C:\Users\JanaS\Downloads\data.mdb
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\xls
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\upd
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\htm
2014-08-15 14:00 - 2012-11-12 11:04 - 01802240 _____ ( ) C:\Users\JanaS\Downloads\nezivot.dll
2014-08-15 14:00 - 2011-12-25 20:30 - 02879488 _____ ( ) C:\Users\JanaS\Downloads\zivot.dll
2014-08-15 14:00 - 2011-12-25 20:30 - 00229376 _____ ( ) C:\Users\JanaS\Downloads\run.exe
2014-08-15 11:44 - 2014-02-26 16:45 - 00000808 _____ () C:\Users\JanaS\Desktop\GENERALI Kalkulačka.lnk
2014-08-15 10:10 - 2014-08-15 09:52 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:52 - 2014-08-15 09:51 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:23 - 2014-08-15 09:20 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 15:36 - 2011-12-24 10:32 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-14 11:10 - 2013-05-09 10:49 - 00000000 ____D () C:\Program Files\trend micro
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
2014-08-13 13:50 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Yandex
2014-08-13 13:50 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Yandex
2014-08-13 13:44 - 2014-08-13 13:24 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\vlc
2014-08-13 13:42 - 2013-10-20 20:44 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Seznam.cz
2014-08-13 13:42 - 2013-10-20 20:44 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-08-13 13:41 - 2014-07-29 10:29 - 00000163 _____ () C:\windows\setup.log
2014-08-13 13:39 - 2011-11-27 18:57 - 00000000 ____D () C:\ProgramData\Skype
2014-08-13 13:25 - 2014-08-13 13:25 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\dvdcss
2014-08-13 13:23 - 2014-08-13 13:23 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 13:23 - 2014-08-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 13:22 - 2014-08-13 13:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 13:15 - 2014-08-13 12:11 - 24677393 _____ () C:\Users\JanaS\Downloads\vlc-2.1.3-win32.exe
2014-08-13 11:52 - 2014-08-13 11:52 - 04277239 _____ () C:\Users\JanaS\Downloads\dodatky.zip
2014-08-13 09:30 - 2012-07-11 20:34 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Windows Live
2014-08-13 09:04 - 2014-07-29 10:16 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for JanaS.job
2014-08-07 04:06 - 2014-08-15 09:32 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-15 09:32 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-30 15:24 - 2012-01-03 16:22 - 00000000 ____D () C:\Users\JanaS\AppData\Local\CutePDF Writer
2014-07-30 13:32 - 2014-07-30 13:31 - 13383168 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Downloads\UNI Domov a %c5%a0%c5%a5astie 8-7 2014.exe
2014-07-29 13:43 - 2014-07-29 13:42 - 880013159 _____ () C:\Users\JanaS\Downloads\foto.zip
2014-07-29 10:36 - 2014-07-29 10:14 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-29 10:30 - 2011-11-27 18:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-29 10:25 - 2012-09-19 21:09 - 00000000 ____D () C:\Temp
2014-07-29 10:23 - 2014-07-29 10:23 - 155895580 _____ (Samsung ) C:\Users\JanaS\Downloads\SmarThru_4 [1].exe
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Opera Software
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Chromium
2014-07-29 10:16 - 2014-07-29 10:16 - 00003610 _____ () C:\windows\System32\Tasks\Norton Security Scan for JanaS
2014-07-29 10:16 - 2014-07-29 10:16 - 00001459 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-29 10:16 - 2011-11-27 19:03 - 00000000 ____D () C:\ProgramData\Norton
2014-07-29 10:15 - 2014-07-29 10:15 - 00000000 ____D () C:\Users\JanaS\AppData\Local\IsolatedStorage
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\ImperiaOnline
2014-07-29 08:48 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 08:47 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-28 15:42 - 2013-03-13 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 15:33 - 2013-11-10 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 13:00 - 2014-07-25 13:00 - 00191451 _____ () C:\Users\JanaS\Downloads\ACFrOgA7jT6CBlgQXe4pk52jo_zMjZ77kkuU5ghZwDnX1BSRHj4Iu89AYxBFz7BZQheUz4rWpZCeCvvK9DQqJL5GCrBuCIqGLdT1EMNphFcvGUZiDSfJuv1bny6F1vs=
2014-07-23 09:59 - 2014-07-23 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 16:06 - 2011-12-24 10:33 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\PCDr
Some content of TEMP:
====================
C:\Users\JanaS\AppData\Local\Temp\avgnt.exe
C:\Users\JanaS\AppData\Local\Temp\GotClipDownloader_Setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-13 14:23
==================== End Of Log ============================
Ran by JanaS (administrator) on JANAS-PC on 21-08-2014 11:31:13
Running from C:\Users\JanaS\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(HP) C:\Windows\System32\HPSIsvc.exe
( ) C:\Windows\System32\lxdqcoms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BL) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google) C:\Users\JanaS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1573504 2011-06-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780968 2011-04-30] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [PrintDisp] => C:\windows\system32\PrintDisp.exe [870400 2012-10-29] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Google Update] => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Handy Updater] => C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [370176 2013-07-05] ()
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [939272 2009-05-09] (ABBYY)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {3bb3f95f-d6ef-11e1-a153-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {5cf0104f-2bd3-11e1-b734-4c80933412e5} - D:\AutoRun.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {81bb1a14-6246-11e3-afb8-4c80933412e5} - E:\SISetup.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {bbe9a83b-dea1-11e3-b5b7-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {f79c5f4e-92f4-11e3-926d-4c80933412e5} - E:\LGAutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ING eKalkulačka.lnk
ShortcutTarget: ING eKalkulačka.lnk -> C:\Users\JanaS\ING_eKalkulacka_OVB_SK\run.cmd ()
Startup: C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {22F7B5AE-5FB4-4153-BC48-FBFB7D8FDBA8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Soda PDF 5 IE Helper -> {C737F472-1193-4281-BF53-A00B67AB3E19} -> C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Hosts: Hosts file not detected in the default directory
Tcpip\..\Interfaces\{71E231D9-C0F9-44A0-9AFF-BD84F1730C17}: [NameServer]213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{D9365ED9-A4C9-4F8F-911A-4668A0D1E2A7}: [NameServer]0.0.0.0
Tcpip\..\Interfaces\{E06DED20-37EE-43C3-BCD7-9EFE48F515CA}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\JanaS\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\JanaS\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\JanaS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\JanaS\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Avira Browser Safety - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com [2014-07-13]
FF Extension: Візуальныя закладкі - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru [2014-08-13]
FF Extension: Кампанент "Элементы Яндекса" - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru [2014-08-13]
FF Extension: Ask New Tabs - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} [2014-05-08]
FF Extension: Seznam lištička - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-11-27]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-28]
Chrome:
=======
CHR Extension: (No Name) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-01-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-10-20]
CHR Extension: (Google Wallet) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\JanaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-10-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-04-27] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [28288 2011-06-24] (Conexant Systems, Inc.)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [249856 2010-09-29] () [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
S3 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [1831424 2012-04-02] (Google) [File not signed]
R2 lxdq_device; C:\windows\system32\lxdqcoms.exe [1039872 2007-11-28] ( ) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-05] (Nitro PDF Software)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-17] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-17] (pdfforge GmbH)
R2 Printer Control; C:\windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1069408 2013-01-29] (LULU Software)
R2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [794464 2013-01-29] (LULU Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [53816 2009-03-07] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-29] (Symantec Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15672 2011-12-16] ()
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 11:31 - 2014-08-21 11:33 - 00027308 _____ () C:\Users\JanaS\Downloads\FRST.txt
2014-08-21 11:30 - 2014-08-21 11:31 - 00000000 ____D () C:\FRST
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00001142 _____ () C:\Users\JanaS\Desktop\FRST64 – zástupce.lnk
2014-08-21 11:12 - 2014-08-21 11:12 - 02101760 _____ (Farbar) C:\Users\JanaS\Downloads\FRST64.exe
2014-08-21 10:27 - 2014-08-21 10:27 - 00000000 ____D () C:\Users\JanaS\AppData\Local\{E3323054-1917-4164-93D0-36FCE9C6B178}
2014-08-21 09:59 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-21 09:59 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-21 09:59 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-21 09:59 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-21 09:59 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-21 09:59 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-21 09:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-20 16:14 - 2014-08-20 16:16 - 22749696 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Desktop\Flexi Dividenda 2014.exe
2014-08-20 13:20 - 2014-08-20 13:22 - 00000000 ____D () C:\Users\JanaS\Desktop\fotky
2014-08-18 16:19 - 2014-08-18 16:19 - 00001135 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 10:32 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-18 10:32 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-18 10:32 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-18 10:32 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-18 10:32 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-18 10:32 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-18 10:32 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-18 10:32 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-18 10:08 - 2014-08-18 10:09 - 00000000 ____D () C:\Users\JanaS\Desktop\EL-Bracha_vykazy
2014-08-18 10:05 - 2014-08-18 10:08 - 00000000 ____D () C:\Users\JanaS\Desktop\ziadosti banky
2014-08-15 15:13 - 2014-08-18 16:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-15 15:12 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-15 14:46 - 2014-08-15 15:26 - 00015388 _____ () C:\zoek-results.log
2014-08-15 14:30 - 2014-08-15 15:06 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:30 - 2014-08-15 14:39 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:28 - 2014-08-15 14:29 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-15 09:52 - 2014-08-15 10:10 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:51 - 2014-08-15 09:52 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:43 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-15 09:43 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-15 09:41 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-15 09:41 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-15 09:41 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-15 09:41 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-15 09:39 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-15 09:39 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-15 09:39 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-15 09:39 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-15 09:39 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-15 09:32 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-15 09:32 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:20 - 2014-08-15 09:23 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
2014-08-13 13:25 - 2014-08-13 13:25 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\dvdcss
2014-08-13 13:24 - 2014-08-13 13:44 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\vlc
2014-08-13 13:23 - 2014-08-13 13:23 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 13:23 - 2014-08-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 13:22 - 2014-08-13 13:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 12:11 - 2014-08-13 13:15 - 24677393 _____ () C:\Users\JanaS\Downloads\vlc-2.1.3-win32.exe
2014-08-13 11:52 - 2014-08-13 11:52 - 04277239 _____ () C:\Users\JanaS\Downloads\dodatky.zip
2014-08-13 09:12 - 2014-08-18 10:09 - 00000000 ____D () C:\Users\JanaS\Documents\Kapverdy_okruh
2014-07-30 13:31 - 2014-07-30 13:32 - 13383168 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Downloads\UNI Domov a %c5%a0%c5%a5astie 8-7 2014.exe
2014-07-29 13:42 - 2014-07-29 13:43 - 880013159 _____ () C:\Users\JanaS\Downloads\foto.zip
2014-07-29 10:32 - 2009-03-07 05:30 - 00053816 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\DgivEcp.sys
2014-07-29 10:32 - 2009-03-07 05:30 - 00007036 ____N () C:\windows\SysWOW64\DgivEcp.cat
2014-07-29 10:32 - 2007-11-22 02:39 - 00036864 ____N () C:\windows\SysWOW64\SvcMan.exe
2014-07-29 10:32 - 2007-11-22 02:39 - 00007297 ____N () C:\windows\SysWOW64\SSPORT.CAT
2014-07-29 10:31 - 2009-09-03 08:14 - 01693696 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTCLR13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 01402368 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltdlg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 01009664 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Ltwvc13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00931840 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTR13N.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00760320 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltocx13n.ocx
2014-07-29 10:31 - 2009-09-03 08:14 - 00533504 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRVW13N.OCX
2014-07-29 10:31 - 2009-09-03 08:14 - 00465920 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRPR13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00453120 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltkrn13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00445440 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltimg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00406016 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFCMP13s.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00389120 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFCMP13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00326144 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTRIO13N.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00265216 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTDIS13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00249856 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFJ2K13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00246272 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFJ2K13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00212480 _____ (Eastman Kodak) C:\windows\SysWOW64\PCDLIB32.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00206848 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltefx13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00187392 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Lfpng13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00182784 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Lfpng13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00158720 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\Ltpnt13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00154112 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltfil13n.DLL
2014-07-29 10:31 - 2009-09-03 08:14 - 00152064 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lftif13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00146976 _____ (Microsoft Corporation) C:\windows\SysWOW64\Mfcoleui.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00142848 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lftif13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00114176 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTOCR13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00099840 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfjbg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00090112 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfjbg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00087552 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpsd13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00086528 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lffax13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00077312 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LTTLB13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00073728 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lffax13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00069632 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltbar13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00067072 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltpdg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00057856 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfeps13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00057344 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpsd13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00051712 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\ltlst13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00047616 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfeps13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00044032 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lttwn13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00043008 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFPNM13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00043008 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfbmp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00040448 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfiff13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00037888 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcx13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00037376 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfclp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00036864 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfani13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032768 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfitg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032768 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfimg13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032256 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lttmb13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00032256 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcd13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfmsp13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfclp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031744 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfavi13s.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00031232 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\LFPNM13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00030208 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfbmp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00027648 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfiff13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00026624 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcx13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00025600 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfani13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00020992 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfimg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfpcd13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfitg13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00019968 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfavi13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00018944 _____ (LEAD Technologies, Inc.) C:\windows\SysWOW64\lfmsp13n.dll
2014-07-29 10:31 - 2009-09-03 08:14 - 00000422 _____ () C:\windows\SysWOW64\ltocx13.lic
2014-07-29 10:29 - 2014-08-13 13:41 - 00000163 _____ () C:\windows\setup.log
2014-07-29 10:23 - 2014-07-29 10:23 - 155895580 _____ (Samsung ) C:\Users\JanaS\Downloads\SmarThru_4 [1].exe
2014-07-29 10:18 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Yandex
2014-07-29 10:18 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Yandex
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Opera Software
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Chromium
2014-07-29 10:16 - 2014-08-13 09:04 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for JanaS.job
2014-07-29 10:16 - 2014-07-29 10:16 - 00003610 _____ () C:\windows\System32\Tasks\Norton Security Scan for JanaS
2014-07-29 10:16 - 2014-07-29 10:16 - 00001459 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-29 10:15 - 2014-07-29 10:15 - 00000000 ____D () C:\Users\JanaS\AppData\Local\IsolatedStorage
2014-07-29 10:14 - 2014-07-29 10:36 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\ImperiaOnline
2014-07-25 13:00 - 2014-07-25 13:00 - 00191451 _____ () C:\Users\JanaS\Downloads\ACFrOgA7jT6CBlgQXe4pk52jo_zMjZ77kkuU5ghZwDnX1BSRHj4Iu89AYxBFz7BZQheUz4rWpZCeCvvK9DQqJL5GCrBuCIqGLdT1EMNphFcvGUZiDSfJuv1bny6F1vs=
2014-07-23 09:58 - 2014-07-23 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 11:33 - 2014-08-21 11:31 - 00027308 _____ () C:\Users\JanaS\Downloads\FRST.txt
2014-08-21 11:31 - 2014-08-21 11:30 - 00000000 ____D () C:\FRST
2014-08-21 11:26 - 2011-12-21 18:56 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 11:18 - 2012-02-09 14:42 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00001142 _____ () C:\Users\JanaS\Desktop\FRST64 – zástupce.lnk
2014-08-21 11:12 - 2014-08-21 11:12 - 02101760 _____ (Farbar) C:\Users\JanaS\Downloads\FRST64.exe
2014-08-21 11:02 - 2013-02-24 23:44 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 11:01 - 2012-02-18 14:53 - 00000256 _____ () C:\windows\Tasks\HP Photo Creations Messager.job
2014-08-21 10:54 - 2011-11-27 17:59 - 01729975 _____ () C:\windows\WindowsUpdate.log
2014-08-21 10:45 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 10:45 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 10:38 - 2011-11-27 19:52 - 00661420 _____ () C:\windows\system32\perfh005.dat
2014-08-21 10:38 - 2011-11-27 19:52 - 00141812 _____ () C:\windows\system32\perfc005.dat
2014-08-21 10:38 - 2009-07-14 07:13 - 01586170 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-21 10:37 - 2014-03-21 23:27 - 00000000 ____D () C:\ProgramData\firebird
2014-08-21 10:37 - 2011-12-12 17:01 - 00000271 _____ () C:\windows\lgfwup.ini
2014-08-21 10:35 - 2011-12-21 18:56 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 10:35 - 2011-12-08 14:25 - 00000000 ____D () C:\Users\JanaS\AppData\Local\SoftThinks
2014-08-21 10:34 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-21 10:33 - 2013-06-14 10:39 - 00040002 _____ () C:\windows\setupact.log
2014-08-21 10:27 - 2014-08-21 10:27 - 00000000 ____D () C:\Users\JanaS\AppData\Local\{E3323054-1917-4164-93D0-36FCE9C6B178}
2014-08-21 10:24 - 2011-12-25 20:08 - 00000000 ____D () C:\Users\JanaS\Desktop\OVB
2014-08-21 09:52 - 2012-02-09 14:42 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job
2014-08-21 03:24 - 2013-11-20 17:12 - 00765058 _____ () C:\windows\IE11_main.log
2014-08-21 03:14 - 2013-06-01 15:14 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2014-08-20 16:16 - 2014-08-20 16:14 - 22749696 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Desktop\Flexi Dividenda 2014.exe
2014-08-20 13:53 - 2012-05-24 13:41 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-08-20 13:22 - 2014-08-20 13:20 - 00000000 ____D () C:\Users\JanaS\Desktop\fotky
2014-08-18 16:22 - 2011-12-12 20:13 - 00000000 ____D () C:\Users\JanaS\AppData\Local\CrashDumps
2014-08-18 16:20 - 2014-08-15 15:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 16:19 - 2014-08-18 16:19 - 00001135 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 16:19 - 2013-03-21 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 16:19 - 2013-03-21 17:14 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 16:11 - 2011-12-08 14:25 - 00000000 ____D () C:\Users\JanaS
2014-08-18 16:04 - 2012-06-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 10:31 - 2014-05-04 16:32 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-18 10:09 - 2014-08-18 10:08 - 00000000 ____D () C:\Users\JanaS\Desktop\EL-Bracha_vykazy
2014-08-18 10:09 - 2014-08-13 09:12 - 00000000 ____D () C:\Users\JanaS\Documents\Kapverdy_okruh
2014-08-18 10:08 - 2014-08-18 10:05 - 00000000 ____D () C:\Users\JanaS\Desktop\ziadosti banky
2014-08-15 15:26 - 2014-08-15 14:46 - 00015388 _____ () C:\zoek-results.log
2014-08-15 15:21 - 2013-06-25 09:38 - 00698978 _____ () C:\windows\PFRO.log
2014-08-15 15:13 - 2013-03-21 17:14 - 00000000 ____D () C:\ProgramData\Avira
2014-08-15 15:06 - 2014-08-15 14:30 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:50 - 2012-02-19 23:52 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 14:39 - 2014-08-15 14:30 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:29 - 2014-08-15 14:28 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 14:01 - 2011-12-25 20:30 - 04231168 _____ () C:\Users\JanaS\Downloads\data.mdb
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\xls
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\upd
2014-08-15 14:01 - 2011-12-25 20:30 - 00000000 ____D () C:\Users\JanaS\Downloads\htm
2014-08-15 14:00 - 2012-11-12 11:04 - 01802240 _____ ( ) C:\Users\JanaS\Downloads\nezivot.dll
2014-08-15 14:00 - 2011-12-25 20:30 - 02879488 _____ ( ) C:\Users\JanaS\Downloads\zivot.dll
2014-08-15 14:00 - 2011-12-25 20:30 - 00229376 _____ ( ) C:\Users\JanaS\Downloads\run.exe
2014-08-15 11:44 - 2014-02-26 16:45 - 00000808 _____ () C:\Users\JanaS\Desktop\GENERALI Kalkulačka.lnk
2014-08-15 10:10 - 2014-08-15 09:52 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:52 - 2014-08-15 09:51 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:23 - 2014-08-15 09:20 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 15:36 - 2011-12-24 10:32 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-14 11:10 - 2013-05-09 10:49 - 00000000 ____D () C:\Program Files\trend micro
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
2014-08-13 13:50 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Yandex
2014-08-13 13:50 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Yandex
2014-08-13 13:44 - 2014-08-13 13:24 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\vlc
2014-08-13 13:42 - 2013-10-20 20:44 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Seznam.cz
2014-08-13 13:42 - 2013-10-20 20:44 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-08-13 13:41 - 2014-07-29 10:29 - 00000163 _____ () C:\windows\setup.log
2014-08-13 13:39 - 2011-11-27 18:57 - 00000000 ____D () C:\ProgramData\Skype
2014-08-13 13:25 - 2014-08-13 13:25 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\dvdcss
2014-08-13 13:23 - 2014-08-13 13:23 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-13 13:23 - 2014-08-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-13 13:22 - 2014-08-13 13:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-13 13:15 - 2014-08-13 12:11 - 24677393 _____ () C:\Users\JanaS\Downloads\vlc-2.1.3-win32.exe
2014-08-13 11:52 - 2014-08-13 11:52 - 04277239 _____ () C:\Users\JanaS\Downloads\dodatky.zip
2014-08-13 09:30 - 2012-07-11 20:34 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Windows Live
2014-08-13 09:04 - 2014-07-29 10:16 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for JanaS.job
2014-08-07 04:06 - 2014-08-15 09:32 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-15 09:32 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-30 15:24 - 2012-01-03 16:22 - 00000000 ____D () C:\Users\JanaS\AppData\Local\CutePDF Writer
2014-07-30 13:32 - 2014-07-30 13:31 - 13383168 _____ (UNIQA poisťovňa a.s.) C:\Users\JanaS\Downloads\UNI Domov a %c5%a0%c5%a5astie 8-7 2014.exe
2014-07-29 13:43 - 2014-07-29 13:42 - 880013159 _____ () C:\Users\JanaS\Downloads\foto.zip
2014-07-29 10:36 - 2014-07-29 10:14 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-29 10:30 - 2011-11-27 18:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-29 10:25 - 2012-09-19 21:09 - 00000000 ____D () C:\Temp
2014-07-29 10:23 - 2014-07-29 10:23 - 155895580 _____ (Samsung ) C:\Users\JanaS\Downloads\SmarThru_4 [1].exe
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Opera Software
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Users\JanaS\AppData\Local\Chromium
2014-07-29 10:16 - 2014-07-29 10:16 - 00003610 _____ () C:\windows\System32\Tasks\Norton Security Scan for JanaS
2014-07-29 10:16 - 2014-07-29 10:16 - 00001459 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-29 10:16 - 2014-07-29 10:16 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-29 10:16 - 2011-11-27 19:03 - 00000000 ____D () C:\ProgramData\Norton
2014-07-29 10:15 - 2014-07-29 10:15 - 00000000 ____D () C:\Users\JanaS\AppData\Local\IsolatedStorage
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-07-29 10:13 - 2014-07-29 10:13 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\ImperiaOnline
2014-07-29 08:48 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 08:47 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-28 15:42 - 2013-03-13 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 15:33 - 2013-11-10 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 13:00 - 2014-07-25 13:00 - 00191451 _____ () C:\Users\JanaS\Downloads\ACFrOgA7jT6CBlgQXe4pk52jo_zMjZ77kkuU5ghZwDnX1BSRHj4Iu89AYxBFz7BZQheUz4rWpZCeCvvK9DQqJL5GCrBuCIqGLdT1EMNphFcvGUZiDSfJuv1bny6F1vs=
2014-07-23 09:59 - 2014-07-23 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 16:06 - 2011-12-24 10:33 - 00000000 ____D () C:\Users\JanaS\AppData\Roaming\PCDr
Some content of TEMP:
====================
C:\Users\JanaS\AppData\Local\Temp\avgnt.exe
C:\Users\JanaS\AppData\Local\Temp\GotClipDownloader_Setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-13 14:23
==================== End Of Log ============================
- Přílohy
-
- Addition.zip
- (13.73 KiB) Staženo 63 x
Re: Yandex
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc. HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony) HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Google Update] => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.) HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Handy Updater] => C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [370176 2013-07-05] () HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [939272 2009-05-09] (ABBYY) HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {3bb3f95f-d6ef-11e1-a153-4c80933412e5} - D:\Startme.exe HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {5cf0104f-2bd3-11e1-b734-4c80933412e5} - D:\AutoRun.exe HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {81bb1a14-6246-11e3-afb8-4c80933412e5} - E:\SISetup.exe HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5} - D:\Startme.exe HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {bbe9a83b-dea1-11e3-b5b7-4c80933412e5} - D:\Startme.exe HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {f79c5f4e-92f4-11e3-926d-4c80933412e5} - E:\LGAutoRun.exe HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File BHO-x32: Визуальные закладки -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml FF Extension: Avira Browser Safety - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com [2014-08-19] FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com [2014-07-13] FF Extension: Візуальныя закладкі - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru [2014-08-13] FF Extension: Кампанент "Элементы Яндекса" - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru [2014-08-13] FF Extension: Ask New Tabs - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} [2014-05-08] FF Extension: Seznam lištička - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06] 2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk 2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe 2014-08-15 15:12 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe 2014-08-15 14:46 - 2014-08-15 15:26 - 00015388 _____ () C:\zoek-results.log 2014-08-15 14:30 - 2014-08-15 15:06 - 00000000 ____D () C:\zoek_backup 2014-08-15 14:30 - 2014-08-15 14:39 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1) 2014-08-15 14:28 - 2014-08-15 14:29 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip 2014-08-15 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll 2014-08-15 09:52 - 2014-08-15 10:10 - 00000000 ____D () C:\AdwCleaner 2014-08-15 09:51 - 2014-08-15 09:52 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe 2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT 2014-08-15 09:20 - 2014-08-15 09:23 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe 2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe 2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participações Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe Task: C:\windows\Tasks\Norton Security Scan for JanaS.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe Hosts: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Mam otazku, ten vytvoreny a ulozeny fixlist.txt mam presunut vedla FRST, ale ked spustim FRST a dam FIX, napise, ze nenasiel subor fixlist.txt :-/ Nieco asi robim zle, ako je myslene, presunut vedla FRST?
Re: Yandex
Dle logu by FRST mel byt zde Running from C:\Users\JanaS\Downloads Takze bud fixlist ulozte tez do C:\Users\JanaS\Downloads nebo FRST i fixlist presunte na plochu"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Zvladla som to
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by JanaS at 2014-08-21 16:38:44 Run:1
Running from C:\Users\JanaS\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Google Update] => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Handy Updater] => C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [370176 2013-07-05] ()
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [939272 2009-05-09] (ABBYY)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {3bb3f95f-d6ef-11e1-a153-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {5cf0104f-2bd3-11e1-b734-4c80933412e5} - D:\AutoRun.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {81bb1a14-6246-11e3-afb8-4c80933412e5} - E:\SISetup.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {bbe9a83b-dea1-11e3-b5b7-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {f79c5f4e-92f4-11e3-926d-4c80933412e5} - E:\LGAutoRun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ?????????? ???????? -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO-x32: ?????????? ???????? -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml
FF Extension: Avira Browser Safety - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com [2014-07-13]
FF Extension: ?????????? ???????? - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru [2014-08-13]
FF Extension: ????????? "???????? ???????" - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru [2014-08-13]
FF Extension: Ask New Tabs - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} [2014-05-08]
FF Extension: Seznam lištička - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-15 15:12 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-15 14:46 - 2014-08-15 15:26 - 00015388 _____ () C:\zoek-results.log
2014-08-15 14:30 - 2014-08-15 15:06 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:30 - 2014-08-15 14:39 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:28 - 2014-08-15 14:29 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-15 09:52 - 2014-08-15 10:10 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:51 - 2014-08-15 09:52 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:20 - 2014-08-15 09:23 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participaçoes Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\windows\Tasks\Norton Security Scan for JanaS.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Hosts:
Reboot:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UCam_Menu => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LGODDFU => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Handy Updater => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus => value deleted successfully.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bb3f95f-d6ef-11e1-a153-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{3bb3f95f-d6ef-11e1-a153-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5cf0104f-2bd3-11e1-b734-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{5cf0104f-2bd3-11e1-b734-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81bb1a14-6246-11e3-afb8-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{81bb1a14-6246-11e3-afb8-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbe9a83b-dea1-11e3-b5b7-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{bbe9a83b-dea1-11e3-b5b7-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f79c5f4e-92f4-11e3-926d-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{f79c5f4e-92f4-11e3-926d-4c80933412e5}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKCR\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk => Moved successfully.
C:\Users\JanaS\Downloads\FRSTLauncher.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\JanaS\Downloads\zoek(1) => Moved successfully.
C:\Users\JanaS\Downloads\zoek(1).zip => Moved successfully.
C:\windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\JanaS\Downloads\adwcleaner_3.305.exe => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\Users\JanaS\Desktop\JRT.exe => Moved successfully.
C:\Users\JanaS\Downloads\RSITx64(1).exe => Moved successfully.
C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job => Moved successfully.
C:\windows\Tasks\HP Photo Creations Messager.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for JanaS.job => Moved successfully.
Could not reset Hosts.
The system needed a reboot.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by JanaS at 2014-08-21 16:38:44 Run:1
Running from C:\Users\JanaS\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Google Update] => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [Handy Updater] => C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [370176 2013-07-05] ()
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [939272 2009-05-09] (ABBYY)
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {3bb3f95f-d6ef-11e1-a153-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {5cf0104f-2bd3-11e1-b734-4c80933412e5} - D:\AutoRun.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {81bb1a14-6246-11e3-afb8-4c80933412e5} - E:\SISetup.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {bbe9a83b-dea1-11e3-b5b7-4c80933412e5} - D:\Startme.exe
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\...\MountPoints2: {f79c5f4e-92f4-11e3-926d-4c80933412e5} - E:\LGAutoRun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=135&clid=1989595
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ?????????? ???????? -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO-x32: ?????????? ???????? -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml
FF SearchPlugin: C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml
FF Extension: Avira Browser Safety - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com [2014-07-13]
FF Extension: ?????????? ???????? - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru [2014-08-13]
FF Extension: ????????? "???????? ???????" - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru [2014-08-13]
FF Extension: Ask New Tabs - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} [2014-05-08]
FF Extension: Seznam lištička - C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
2014-08-21 11:15 - 2014-08-21 11:15 - 00000775 _____ () C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk
2014-08-21 11:14 - 2014-08-21 11:14 - 00112640 _____ () C:\Users\JanaS\Downloads\FRSTLauncher.exe
2014-08-15 15:12 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-15 14:46 - 2014-08-15 15:26 - 00015388 _____ () C:\zoek-results.log
2014-08-15 14:30 - 2014-08-15 15:06 - 00000000 ____D () C:\zoek_backup
2014-08-15 14:30 - 2014-08-15 14:39 - 00000000 ____D () C:\Users\JanaS\Downloads\zoek(1)
2014-08-15 14:28 - 2014-08-15 14:29 - 04108341 _____ () C:\Users\JanaS\Downloads\zoek(1).zip
2014-08-15 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-15 09:52 - 2014-08-15 10:10 - 00000000 ____D () C:\AdwCleaner
2014-08-15 09:51 - 2014-08-15 09:52 - 01356107 _____ () C:\Users\JanaS\Downloads\adwcleaner_3.305.exe
2014-08-15 09:29 - 2014-08-15 09:29 - 00000000 ____D () C:\windows\ERUNT
2014-08-15 09:20 - 2014-08-15 09:23 - 01016261 _____ (Thisisu) C:\Users\JanaS\Desktop\JRT.exe
2014-08-14 11:09 - 2014-08-14 11:09 - 01222144 _____ () C:\Users\JanaS\Downloads\RSITx64(1).exe
2014-08-14 10:51 - 2014-08-14 10:51 - 12925224 _____ (Elex do Brasil Participaçoes Ltda) C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job => C:\Users\JanaS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\windows\Tasks\Norton Security Scan for JanaS.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Hosts:
Reboot:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UCam_Menu => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LGODDFU => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Handy Updater => value deleted successfully.
HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus => value deleted successfully.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bb3f95f-d6ef-11e1-a153-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{3bb3f95f-d6ef-11e1-a153-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5cf0104f-2bd3-11e1-b734-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{5cf0104f-2bd3-11e1-b734-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81bb1a14-6246-11e3-afb8-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{81bb1a14-6246-11e3-afb8-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{ad0a7cfa-dcb1-11e2-a1f4-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbe9a83b-dea1-11e3-b5b7-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{bbe9a83b-dea1-11e3-b5b7-4c80933412e5}" => Key not found.
"HKU\S-1-5-21-2467250943-1528532861-3230622698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f79c5f4e-92f4-11e3-926d-4c80933412e5}" => Key deleted successfully.
"HKCR\CLSID\{f79c5f4e-92f4-11e3-926d-4c80933412e5}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKCR\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}" => Key deleted successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yandex.ru-101827.xml => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\searchplugins\yqs-barff-yandex.xml => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\abs@avira.com => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\donottrackplus@abine.com => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\vb@yandex.ru => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\yasearch@yandex.ru => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{6991704F-B66B-7E0F-9123-19C9D5AA850E} => Moved successfully.
C:\Users\JanaS\AppData\Roaming\Mozilla\Firefox\Profiles\16yut7sw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
C:\Users\JanaS\Desktop\FRSTLauncher – zástupce.lnk => Moved successfully.
C:\Users\JanaS\Downloads\FRSTLauncher.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\JanaS\Downloads\zoek(1) => Moved successfully.
C:\Users\JanaS\Downloads\zoek(1).zip => Moved successfully.
C:\windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\JanaS\Downloads\adwcleaner_3.305.exe => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\Users\JanaS\Desktop\JRT.exe => Moved successfully.
C:\Users\JanaS\Downloads\RSITx64(1).exe => Moved successfully.
C:\Users\JanaS\Downloads\yet_another_cleaner_sk.exe => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2467250943-1528532861-3230622698-1000UA.job => Moved successfully.
C:\windows\Tasks\HP Photo Creations Messager.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for JanaS.job => Moved successfully.
Could not reset Hosts.
The system needed a reboot.
==== End of Fixlog ====
Re: Yandex
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Yandex
Ja Vam zase raz uprimne dakujem za pomoc
Pekny den
Pekny den
Přispějete na provoz fóra?