Zdravím,
Prosím o pomoc. Tady posílám log. Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Katka at 2014-11-15 13:21:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 253 GB (55%) free of 456 GB
Total RAM: 4077 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:57, on 15.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Users\Katka\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Katka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 1&tsp=5190
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.homesearchapp.info/?unqvl=17
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
R3 - URLSearchHook: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Isaveer - {1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F} - C:\ProgramData\Isaveer\bX9hqD.dll
O2 - BHO: ReGularDeAls - {667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} - C:\ProgramData\ReGularDeAls\D.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: SaveroExTension - {EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} - C:\ProgramData\SaveroExTension\3bMRJ6MX.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] "C:\Program Files (x86)\VNT\vntldr.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) System Behavior Tracker Collector Service (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15499 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3971056
\??\C:\Windows\system32\conhost.exe "-1465800404-1229236724-12845408751258117102605437484813710022-36204801577364910
taskeng.exe {A20C342C-8531-4FE2-A124-46D9CE811F8B}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
atieclxx
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
WLIDSvcM.exe 2308
"taskhost.exe"
taskeng.exe {A28CC642-4DCA-4413-A273-02EFE53767EC}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {0C67DFD7-41B0-4326-BA96-2A8B6ECA1A7F}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:00000ca1
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Users\Katka\AppData\Local\VNT\vntldr.exe" /EXEC
"" "--start" "--register_port" "--address" "127.0.0.1" "--port" "49266" "--pause_on_user_switching" "--depend_on_service" "SampleCollector" "--depend_on_service_start_state_not" "disabled" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=no output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\sony_foreground_window_input.dll' "
\??\C:\Windows\system32\conhost.exe "-499424630-63581548970262011884765907315451565997616926131004460241-1760051434
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Update\VUAgent.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_service" "SampleCollector" "--depend_on_service_start_state_not" "disabled" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\sony_acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_wifi_input.dll' "
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\wuauclt.exe"
C:\Windows\SysWOW64\nethtsrv.exe
C:\Windows\SysWOW64\netupdsrv.exe
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3672.0.383087385\1077076817" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.821.2.1000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="3672.2.645344809\545386401" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="3672.3.1637997655\1695571181" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="3672.9.1839526980\749899036" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Katka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Katka\AppData\Local\15278\Updater.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
wikipedia-cz.xml
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\extensions\
centrumpomocnik@centrum.cz
eaeurkspae@g-zmf.com
rnptuoie@joaeea.net
t3.nzezn@ph-rdvyaa.co.uk
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\
askcom.xml
buenosearch.xml
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}]
Isaveer - C:\ProgramData\Isaveer\bX9hqD.x64.dll [2014-02-27 475136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}]
ReGularDeAls - C:\ProgramData\ReGularDeAls\D.x64.dll [2014-01-01 475648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}]
SaveroExTension - C:\ProgramData\SaveroExTension\3bMRJ6MX.x64.dll [2014-01-01 474112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}]
Isaveer - C:\ProgramData\Isaveer\bX9hqD.dll [2014-02-27 425984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}]
ReGularDeAls - C:\ProgramData\ReGularDeAls\D.dll [2014-01-01 426496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}]
SaveroExTension - C:\ProgramData\SaveroExTension\3bMRJ6MX.dll [2014-01-01 425984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-24 11855976]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-06-24 2226280]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-07-05 947360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-07-05 797344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-24 2531624]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-28 1385808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-05-10 37960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-10-09 1942424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-01-24 1646216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPN Notifier]
C:\Program Files (x86)\Lock Poker\PokerNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe -c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Katka\AppData\Local\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe /gui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT]
C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files (x86)\VNT\vntldr.exe [2014-09-03 196504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop]
C:\Users\Katka\AppData\Roaming\Yontoo\YontooDesktop.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Katka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-09-13 36414624]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-05-02 500736]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-25 336384]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-05-31 2801288]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2011-03-15 650080]
""= []
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-10-09 1942424]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-09-03 196504]
C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-15 13:21:50 ----D---- C:\Program Files\trend micro
2014-11-15 13:21:49 ----D---- C:\rsit
2014-11-12 21:21:57 ----A---- C:\awh95A9.tmp
2014-11-12 03:03:15 ----D---- C:\346146de3a0d3ed821044f2534
2014-11-11 20:26:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-11 20:26:17 ----A---- C:\Windows\system32\aepdu.dll
2014-11-11 20:26:15 ----A---- C:\Windows\system32\aeinv.dll
2014-11-11 20:26:12 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-11 20:26:12 ----A---- C:\Windows\system32\termsrv.dll
2014-11-11 20:26:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-11 20:26:12 ----A---- C:\Windows\system32\adtschema.dll
2014-11-11 20:26:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-11 20:26:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-11 20:26:11 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-11 20:26:11 ----A---- C:\Windows\system32\msaudite.dll
2014-11-11 20:26:11 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-11 20:25:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-11 20:25:57 ----A---- C:\Windows\system32\msxml3.dll
2014-11-11 20:25:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-11 20:25:56 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-11 20:25:55 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-11 20:25:54 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-11 20:25:52 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-11 20:25:52 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-11 20:25:52 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-11 20:25:51 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-11 20:25:51 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-11 20:25:51 ----A---- C:\Windows\system32\EncDump.dll
2014-11-11 20:25:51 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-11 20:25:51 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-11 20:25:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-11 20:25:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-11 20:25:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-11 20:25:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-11 20:25:45 ----A---- C:\Windows\system32\wdigest.dll
2014-11-11 20:25:45 ----A---- C:\Windows\system32\schannel.dll
2014-11-11 20:25:45 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-11 20:25:45 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-11 20:25:45 ----A---- C:\Windows\system32\kerberos.dll
2014-11-11 20:25:44 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-11 20:25:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-11 20:25:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-11 20:25:44 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-11 20:25:44 ----A---- C:\Windows\system32\credssp.dll
2014-11-11 20:25:20 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-11 20:25:20 ----A---- C:\Windows\system32\packager.dll
2014-11-11 20:25:19 ----A---- C:\Windows\system32\win32k.sys
2014-11-11 20:25:14 ----A---- C:\Windows\system32\msi.dll
2014-11-11 20:25:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-11 20:24:49 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-11 20:24:48 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-11 20:12:14 ----A---- C:\awh4F86.tmp
2014-11-10 21:08:35 ----A---- C:\awh3B79.tmp
2014-11-09 21:32:24 ----A---- C:\awh3CF0.tmp
2014-11-05 19:03:44 ----A---- C:\awh47F7.tmp
2014-11-04 19:03:24 ----A---- C:\awh3938.tmp
2014-11-03 19:48:00 ----A---- C:\awh338D.tmp
2014-11-01 13:58:47 ----A---- C:\awhD744.tmp
2014-10-30 03:00:34 ----A---- C:\awh2226.tmp
2014-10-22 02:00:39 ----A---- C:\awhE452.tmp
2014-10-21 14:31:40 ----A---- C:\Windows\system32\drivers\nethfdrv.sys
2014-10-21 14:31:20 ----A---- C:\Windows\SYSWOW64\netupdsrv.exe
2014-10-21 14:31:08 ----A---- C:\Windows\SYSWOW64\installd.exe
2014-10-21 14:30:54 ----A---- C:\Windows\SYSWOW64\nethtsrv.exe
2014-10-21 14:30:42 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2014-10-21 14:30:26 ----A---- C:\Windows\SYSWOW64\hfpapi.dll
2014-10-17 13:57:17 ----A---- C:\awh3207.tmp
2014-10-16 15:15:44 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 15:15:44 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 15:15:44 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 15:15:44 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 15:15:43 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 15:15:43 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 15:15:06 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 15:15:06 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 15:14:59 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 15:14:58 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 15:14:57 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-16 15:14:57 ----A---- C:\Windows\system32\mstsc.exe
2014-10-16 15:14:56 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 15:14:56 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 15:14:56 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 15:14:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 15:14:55 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-16 15:14:55 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 15:14:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 15:06:23 ----A---- C:\awh477B.tmp
======List of files/folders modified in the last 1 month======
2014-11-15 13:21:50 ----RD---- C:\Program Files
2014-11-15 13:21:42 ----D---- C:\Windows\Temp
2014-11-15 13:20:50 ----D---- C:\Users\Katka\AppData\Roaming\uTorrent
2014-11-15 13:19:12 ----D---- C:\Windows\system32\config
2014-11-14 15:28:08 ----D---- C:\Windows\SysWOW64
2014-11-13 20:46:05 ----D---- C:\Windows\Microsoft.NET
2014-11-13 20:44:35 ----RSD---- C:\Windows\assembly
2014-11-13 20:36:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-13 20:33:51 ----D---- C:\Windows\System32
2014-11-13 20:33:51 ----D---- C:\Windows\inf
2014-11-13 20:33:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-13 20:31:54 ----SHD---- C:\System Volume Information
2014-11-13 20:16:24 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-13 20:15:13 ----D---- C:\Users\Katka\AppData\Roaming\Dropbox
2014-11-13 20:13:17 ----D---- C:\Windows\winsxs
2014-11-12 21:56:08 ----SD---- C:\Windows\system32\CompatTel
2014-11-12 21:56:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-12 21:56:05 ----D---- C:\Windows\system32\drivers
2014-11-12 21:56:05 ----D---- C:\Windows\system32\cs-CZ
2014-11-12 21:36:03 ----SHD---- C:\Windows\Installer
2014-11-12 21:35:27 ----D---- C:\ProgramData\Microsoft Help
2014-11-12 21:30:41 ----RSD---- C:\Windows\Fonts
2014-11-12 03:03:23 ----D---- C:\Windows\system32\MRT
2014-11-12 03:03:20 ----A---- C:\Windows\system32\MRT.exe
2014-11-11 20:24:36 ----D---- C:\Windows\system32\catroot
2014-11-11 20:24:20 ----D---- C:\Windows\system32\catroot2
2014-11-04 20:59:38 ----D---- C:\Program Files (x86)\VNT
2014-11-01 20:33:48 ----D---- C:\The KMPlayer
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 13:56:11 ----RD---- C:\Program Files (x86)
2014-10-27 13:47:01 ----HD---- C:\ProgramData
2014-10-19 17:44:48 ----D---- C:\Program Files (x86)\PokerStars
2014-10-17 14:07:34 ----D---- C:\Windows\system32\FxsTmp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-06-30 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-21 283064]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-10-21 46160]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2011-06-24 102400]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [2011-06-24 98816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-08-12 9085952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-08-12 299520]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-07-05 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-21 2753536]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-07-05 330400]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-07-05 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-07-05 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-07-05 167072]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-07-05 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-07-05 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-07-05 496800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-24 2886888]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-06-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2011-06-24 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-22 231328]
R3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2014-05-14 13792]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2011-06-24 1404464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 jprhebwv;jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-07-05 51872]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-08-12 203776]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-07-05 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-07-05 98976]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-06-24 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NetHttpService;Network HTTP Support Service; C:\Windows\SysWOW64\nethtsrv.exe [2014-10-21 180736]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
R2 SampleCollector;Intel(R) System Behavior Tracker Collector Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2013-11-01 266168]
R2 ServiceUpdater;Network Support Service Updater; C:\Windows\SysWOW64\netupdsrv.exe [2014-10-21 161792]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-06-24 2656536]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2011-07-07 66696]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-05-31 552584]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2013-08-27 961624]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2014-02-20 60504]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-09-25 1369136]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DCDhcpService;DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-12-10 111616]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomaleny PC, nezadoucí reklama v prohlížeči
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Prijemnou sobotu Vam preju 
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm
- spustte jako spravce
- do velkeho okna zkopirujte script uvedeny nize
- kliknete na Run script
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
tady posílám nový log: Reklamy se zobrazuji a vyskakuji stale.
# AdwCleaner v4.101 - Report created 15/11/2014 at 13:43:50
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Katka - KATKA-VAIO
# Running from : C:\Users\Katka\Downloads\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
Service Deleted : nethfdrv
Service Deleted : NethxxpService
Service Deleted : ServiceUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\ProgramData\Isaveer
Folder Deleted : C:\ProgramData\ReGularDeAls
Folder Deleted : C:\ProgramData\SaveroExTension
Folder Deleted : C:\ProgramData\357858b740da9991
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Katka\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Katka\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Katka\AppData\Local\Conduit
Folder Deleted : C:\Users\Katka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Katka\AppData\Local\VNT
Folder Deleted : C:\Users\Katka\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Katka\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Katka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Katka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Katka\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Katka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Katka\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Katka\AppData\Roaming\iolo
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\eaeurkspae@g-zmf.com
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\rnptuoie@joaeea.net
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\t3.nzezn@ph-rdvyaa.co.uk
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Users\Katka\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\buenosearch.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : YourFile DownloaderUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKLM\SOFTWARE\Classes\ISauvver.ISauvver
Key Deleted : HKLM\SOFTWARE\Classes\ISauvver.ISauvver.4.6
Key Deleted : HKLM\SOFTWARE\Classes\RegularDeaals.RegularDeaals
Key Deleted : HKLM\SOFTWARE\Classes\RegularDeaals.RegularDeaals.7.2
Key Deleted : HKLM\SOFTWARE\Classes\SuaverExtEnseiionn.SuaverExtEnseiionn
Key Deleted : HKLM\SOFTWARE\Classes\SuaverExtEnseiionn.SuaverExtEnseiionn.1
Key Deleted : HKCU\Software\2c38cf2388374a93568a4045e16e79fd
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BAB89B9F-8115-403C-8E29-16E63D4F068E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaPlayerV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\buenosearch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.buenosearch.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v9.0 (cs)
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.0bYfhoMm.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorob[...]
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.admin", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.id", "50c22a3c000000000000b639e5a2b5a7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlDay", "16147");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.newTab", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5190");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5190");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.717:02:15");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.cS4.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.net[...]
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.qjKdnmL5EC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumor[...]
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R0].txt - [26427 octets] - [15/11/2014 13:42:07]
AdwCleaner[S0].txt - [24910 octets] - [15/11/2014 13:43:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24971 octets] ##########
# AdwCleaner v4.101 - Report created 15/11/2014 at 13:43:50
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Katka - KATKA-VAIO
# Running from : C:\Users\Katka\Downloads\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
Service Deleted : nethfdrv
Service Deleted : NethxxpService
Service Deleted : ServiceUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\ProgramData\Isaveer
Folder Deleted : C:\ProgramData\ReGularDeAls
Folder Deleted : C:\ProgramData\SaveroExTension
Folder Deleted : C:\ProgramData\357858b740da9991
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Katka\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Katka\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Katka\AppData\Local\Conduit
Folder Deleted : C:\Users\Katka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Katka\AppData\Local\VNT
Folder Deleted : C:\Users\Katka\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Katka\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Katka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Katka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Katka\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Katka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Katka\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Katka\AppData\Roaming\iolo
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\eaeurkspae@g-zmf.com
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\rnptuoie@joaeea.net
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\t3.nzezn@ph-rdvyaa.co.uk
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Users\Katka\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\buenosearch.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : YourFile DownloaderUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKLM\SOFTWARE\Classes\ISauvver.ISauvver
Key Deleted : HKLM\SOFTWARE\Classes\ISauvver.ISauvver.4.6
Key Deleted : HKLM\SOFTWARE\Classes\RegularDeaals.RegularDeaals
Key Deleted : HKLM\SOFTWARE\Classes\RegularDeaals.RegularDeaals.7.2
Key Deleted : HKLM\SOFTWARE\Classes\SuaverExtEnseiionn.SuaverExtEnseiionn
Key Deleted : HKLM\SOFTWARE\Classes\SuaverExtEnseiionn.SuaverExtEnseiionn.1
Key Deleted : HKCU\Software\2c38cf2388374a93568a4045e16e79fd
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BAB89B9F-8115-403C-8E29-16E63D4F068E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaPlayerV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\buenosearch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.buenosearch.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v9.0 (cs)
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.0bYfhoMm.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorob[...]
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.admin", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.id", "50c22a3c000000000000b639e5a2b5a7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlDay", "16147");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.newTab", false);
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5190");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5190");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.717:02:15");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.cS4.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.net[...]
[skzeq6q0.default\prefs.js] - Line Deleted : user_pref("extensions.qjKdnmL5EC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumor[...]
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R0].txt - [26427 octets] - [15/11/2014 13:42:07]
AdwCleaner[S0].txt - [24910 octets] - [15/11/2014 13:43:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24971 octets] ##########
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Pokracujte zoekem, at s nema skoncujeme 
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Tady posílám opet log ze Zoek.exe:
Zoek.exe v5.0.0.0 Updated 14-November-2014
Tool run by Katka on so 15.11.2014 at 13:58:45,91.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Katka\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
15.11.2014 14:00:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{150880A2-C283-40CD-AB9A-2823465D007D} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{F999A48B-1950-4D81-9971-79018F807B4B} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{F999A48B-1950-4D81-9971-79018F807B4B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha771.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta50.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha517.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1128.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha964.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha9118.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home2032.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaBuzzV1mode6010.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release762.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@TrustMediaViewerV1alpha1076.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release4201.net deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\prefs.js:
Added to C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
user.js not found
---- Lines extensions.0bYfhoMm removed from prefs.js ----
user_pref("extensions.0bYfhoMm.epoch", "1416141160");
user_pref("extensions.0bYfhoMm.url", "http://chariotopticforevery.org/sync2/? ... 7n0rjnEqTs
---- Lines extensions.cS4 removed from prefs.js ----
user_pref("extensions.cS4.epoch", "1416141160");
user_pref("extensions.cS4.url", "http://getsyncer5.info/sync2/?q=hfZ9oeh ... 5qdY9qch7h
---- Lines extensions.qjKdnmL5EC removed from prefs.js ----
user_pref("extensions.qjKdnmL5EC.epoch", "1416141160");
user_pref("extensions.qjKdnmL5EC.url", "http://pineapplecompcomp.net/sync2/?q=h ... n0rjnEqTs5
---- FireFox user.js and prefs.js backups ----
prefs_15.11.2014_1413_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\fhiiecohngohpjmplkgajbgambicaiee deleted
C:\Users\Katka\AppData\LocalLow\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F} deleted
C:\Users\Katka\AppData\LocalLow\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Users\Katka\AppData\LocalLow\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\Users\Katka\AppData\Local\Packages\windows_ie_ac_001\AC\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\PROGRA~3\eSellerate deleted
C:\Users\Katka\AppData\Local\15278 deleted
C:\Users\Katka\AppData\Local\30143 deleted
C:\Users\Katka\AppData\LocalLow\uTorrentControl2 deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\uTorrentControl2 deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh1F33.tmp deleted
C:\awh2226.tmp deleted
C:\awh271F.tmp deleted
C:\awh2E6F.tmp deleted
C:\awh314C.tmp deleted
C:\awh3207.tmp deleted
C:\awh32C2.tmp deleted
C:\awh338D.tmp deleted
C:\awh38AC.tmp deleted
C:\awh3938.tmp deleted
C:\awh3957.tmp deleted
C:\awh3A32.tmp deleted
C:\awh3B79.tmp deleted
C:\awh3C44.tmp deleted
C:\awh3CF0.tmp deleted
C:\awh3F31.tmp deleted
C:\awh3F60.tmp deleted
C:\awh41FF.tmp deleted
C:\awh4411.tmp deleted
C:\awh45D5.tmp deleted
C:\awh4652.tmp deleted
C:\awh477B.tmp deleted
C:\awh47F7.tmp deleted
C:\awh49CB.tmp deleted
C:\awh4D64.tmp deleted
C:\awh4E8C.tmp deleted
C:\awh4F09.tmp deleted
C:\awh4F86.tmp deleted
C:\awh54A4.tmp deleted
C:\awh5BC5.tmp deleted
C:\awh61CE.tmp deleted
C:\awh649B.tmp deleted
C:\awh6631.tmp deleted
C:\awh66AE.tmp deleted
C:\awh68DC.tmp deleted
C:\awh69E9.tmp deleted
C:\awh71E4.tmp deleted
C:\awh755D.tmp deleted
C:\awh77AE.tmp deleted
C:\awh7CFC.tmp deleted
C:\awh7DB7.tmp deleted
C:\awh7E33.tmp deleted
C:\awh8262.tmp deleted
C:\awh95A9.tmp deleted
C:\awhAF8.tmp deleted
C:\awhB389.tmp deleted
C:\awhC2C1.tmp deleted
C:\awhCE94.tmp deleted
C:\awhCEF9.tmp deleted
C:\awhD5F2.tmp deleted
C:\awhD744.tmp deleted
C:\awhE452.tmp deleted
C:\install.exe deleted
C:\found.000 deleted
C:\Users\Katka\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Katka\AppData\Local\CRE deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\hfnapi.dll deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\ICQToolbarData deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\CT3072253 deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\conduitCommon deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
- Centrum domnov pomocnk - %ProfilePath%\extensions\centrumpomocnik@centrum.cz
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aifapmfepfblojllobikmnmhgloennpb - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1076\ch\TrustMediaViewerV1alpha1076.crx[]
djangfffabhekeldagfnpbpboplnilbm - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha771\ch\WebexpEnhancedV1alpha771.crx[]
epfjeebhbonodcmjbhmhkamgjaegimia - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release762\ch\RichMediaViewV1release762.crx[]
gegopkjddlgaacaogfbeipbhmclieali - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1128\ch\MediaViewerV1alpha1128.crx[]
hjkjcpfljbflffemlplcojnacdbmgcad - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6010\ch\MediaBuzzV1mode6010.crx[]
hjmnhjkjdgikcnoodjdjeohkmcfklolh - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2032\ch\MediaWatchV1home2032.crx[]
kkpkpnmnkdaipnhfphloamdjeclhmdko - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9118\ch\MediaViewV1alpha9118.crx[]
lfceeanojpgehnkjoaaanafpchkallbk - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha964\ch\MediaViewV1alpha964.crx[]
nnjinoooamigmmcaednonbfojdkjafnp - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta50\ch\VideoPlayerV3beta50.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\Katka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]
pkbfpjcjiaepaefidojjphdcmhmdmepf - C:\ProgramData\AskPartnerNetwork\Toolbar\KMPV7c\CRX\ToolbarCR.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\Katka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]
AdBlock - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
uTorrentControl2 - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
==== Chromium Fix ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://vaioportal.sony.eu"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BAB89B9F-8115-403C-8E29-16E63D4F068E}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BAB89B9F-8115-403C-8E29-16E63D4F068E}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{23FC3E82-C48C-4B33-9480-B673B54B58C6} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"
{904EBC3A-6209-43AD-936F-FBB58DE86306} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{C5DA00F1-3BD7-47A8-9144-8578F1DABB38} Zinio Url="http://services.zinio.com/search?s={sea ... sonyslices"
==== Reset Google Chrome ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B7642B3E-C46E-723F-350E-5A2D236FE792} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aifapmfepfblojllobikmnmhgloennpb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\djangfffabhekeldagfnpbpboplnilbm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epfjeebhbonodcmjbhmhkamgjaegimia deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gegopkjddlgaacaogfbeipbhmclieali deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hjkjcpfljbflffemlplcojnacdbmgcad deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hjmnhjkjdgikcnoodjdjeohkmcfklolh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kkpkpnmnkdaipnhfphloamdjeclhmdko deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lfceeanojpgehnkjoaaanafpchkallbk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nnjinoooamigmmcaednonbfojdkjafnp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkbfpjcjiaepaefidojjphdcmhmdmepf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pkbfpjcjiaepaefidojjphdcmhmdmepf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPN Notifier deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Katka\AppData\Local\Mozilla\Firefox\Profiles\skzeq6q0.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1174 folders=225 56513589 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Katka\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Katka\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on so 15.11.2014 at 14:23:44,84 ======================
Zoek.exe v5.0.0.0 Updated 14-November-2014
Tool run by Katka on so 15.11.2014 at 13:58:45,91.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Katka\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
15.11.2014 14:00:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{150880A2-C283-40CD-AB9A-2823465D007D} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{F999A48B-1950-4D81-9971-79018F807B4B} deleted successfully
HKEY_USERS\S-1-5-21-3911099993-2919891390-2577953599-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{F999A48B-1950-4D81-9971-79018F807B4B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha771.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta50.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha517.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1128.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha964.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha9118.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home2032.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaBuzzV1mode6010.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release762.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@TrustMediaViewerV1alpha1076.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release4201.net deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\prefs.js:
Added to C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
user.js not found
---- Lines extensions.0bYfhoMm removed from prefs.js ----
user_pref("extensions.0bYfhoMm.epoch", "1416141160");
user_pref("extensions.0bYfhoMm.url", "http://chariotopticforevery.org/sync2/? ... 7n0rjnEqTs
---- Lines extensions.cS4 removed from prefs.js ----
user_pref("extensions.cS4.epoch", "1416141160");
user_pref("extensions.cS4.url", "http://getsyncer5.info/sync2/?q=hfZ9oeh ... 5qdY9qch7h
---- Lines extensions.qjKdnmL5EC removed from prefs.js ----
user_pref("extensions.qjKdnmL5EC.epoch", "1416141160");
user_pref("extensions.qjKdnmL5EC.url", "http://pineapplecompcomp.net/sync2/?q=h ... n0rjnEqTs5
---- FireFox user.js and prefs.js backups ----
prefs_15.11.2014_1413_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\fhiiecohngohpjmplkgajbgambicaiee deleted
C:\Users\Katka\AppData\LocalLow\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F} deleted
C:\Users\Katka\AppData\LocalLow\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Users\Katka\AppData\LocalLow\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\Users\Katka\AppData\Local\Packages\windows_ie_ac_001\AC\{1C4389BE-EDF5-4DB3-0653-A3CEA2FB6B2F} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{667D48A4-DEB8-8A73-1EDA-D04AA8CFEA26} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{EB014FCD-1936-B5BB-3FE3-CDEDEFEFB226} deleted
C:\PROGRA~3\eSellerate deleted
C:\Users\Katka\AppData\Local\15278 deleted
C:\Users\Katka\AppData\Local\30143 deleted
C:\Users\Katka\AppData\LocalLow\uTorrentControl2 deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\uTorrentControl2 deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh1F33.tmp deleted
C:\awh2226.tmp deleted
C:\awh271F.tmp deleted
C:\awh2E6F.tmp deleted
C:\awh314C.tmp deleted
C:\awh3207.tmp deleted
C:\awh32C2.tmp deleted
C:\awh338D.tmp deleted
C:\awh38AC.tmp deleted
C:\awh3938.tmp deleted
C:\awh3957.tmp deleted
C:\awh3A32.tmp deleted
C:\awh3B79.tmp deleted
C:\awh3C44.tmp deleted
C:\awh3CF0.tmp deleted
C:\awh3F31.tmp deleted
C:\awh3F60.tmp deleted
C:\awh41FF.tmp deleted
C:\awh4411.tmp deleted
C:\awh45D5.tmp deleted
C:\awh4652.tmp deleted
C:\awh477B.tmp deleted
C:\awh47F7.tmp deleted
C:\awh49CB.tmp deleted
C:\awh4D64.tmp deleted
C:\awh4E8C.tmp deleted
C:\awh4F09.tmp deleted
C:\awh4F86.tmp deleted
C:\awh54A4.tmp deleted
C:\awh5BC5.tmp deleted
C:\awh61CE.tmp deleted
C:\awh649B.tmp deleted
C:\awh6631.tmp deleted
C:\awh66AE.tmp deleted
C:\awh68DC.tmp deleted
C:\awh69E9.tmp deleted
C:\awh71E4.tmp deleted
C:\awh755D.tmp deleted
C:\awh77AE.tmp deleted
C:\awh7CFC.tmp deleted
C:\awh7DB7.tmp deleted
C:\awh7E33.tmp deleted
C:\awh8262.tmp deleted
C:\awh95A9.tmp deleted
C:\awhAF8.tmp deleted
C:\awhB389.tmp deleted
C:\awhC2C1.tmp deleted
C:\awhCE94.tmp deleted
C:\awhCEF9.tmp deleted
C:\awhD5F2.tmp deleted
C:\awhD744.tmp deleted
C:\awhE452.tmp deleted
C:\install.exe deleted
C:\found.000 deleted
C:\Users\Katka\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Katka\AppData\Local\CRE deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\hfnapi.dll deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\ICQToolbarData deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\CT3072253 deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\conduitCommon deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
- Centrum domnov pomocnk - %ProfilePath%\extensions\centrumpomocnik@centrum.cz
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aifapmfepfblojllobikmnmhgloennpb - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1076\ch\TrustMediaViewerV1alpha1076.crx[]
djangfffabhekeldagfnpbpboplnilbm - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha771\ch\WebexpEnhancedV1alpha771.crx[]
epfjeebhbonodcmjbhmhkamgjaegimia - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release762\ch\RichMediaViewV1release762.crx[]
gegopkjddlgaacaogfbeipbhmclieali - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1128\ch\MediaViewerV1alpha1128.crx[]
hjkjcpfljbflffemlplcojnacdbmgcad - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6010\ch\MediaBuzzV1mode6010.crx[]
hjmnhjkjdgikcnoodjdjeohkmcfklolh - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2032\ch\MediaWatchV1home2032.crx[]
kkpkpnmnkdaipnhfphloamdjeclhmdko - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9118\ch\MediaViewV1alpha9118.crx[]
lfceeanojpgehnkjoaaanafpchkallbk - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha964\ch\MediaViewV1alpha964.crx[]
nnjinoooamigmmcaednonbfojdkjafnp - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta50\ch\VideoPlayerV3beta50.crx[]
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\Katka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]
pkbfpjcjiaepaefidojjphdcmhmdmepf - C:\ProgramData\AskPartnerNetwork\Toolbar\KMPV7c\CRX\ToolbarCR.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pacgpkgadgmibnhpdidcnfafllnmeomc - C:\Users\Katka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx[]
AdBlock - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
uTorrentControl2 - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
==== Chromium Fix ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://vaioportal.sony.eu"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BAB89B9F-8115-403C-8E29-16E63D4F068E}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BAB89B9F-8115-403C-8E29-16E63D4F068E}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{23FC3E82-C48C-4B33-9480-B673B54B58C6} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"
{904EBC3A-6209-43AD-936F-FBB58DE86306} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{C5DA00F1-3BD7-47A8-9144-8578F1DABB38} Zinio Url="http://services.zinio.com/search?s={sea ... sonyslices"
==== Reset Google Chrome ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B7642B3E-C46E-723F-350E-5A2D236FE792} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aifapmfepfblojllobikmnmhgloennpb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\djangfffabhekeldagfnpbpboplnilbm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epfjeebhbonodcmjbhmhkamgjaegimia deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gegopkjddlgaacaogfbeipbhmclieali deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hjkjcpfljbflffemlplcojnacdbmgcad deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hjmnhjkjdgikcnoodjdjeohkmcfklolh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kkpkpnmnkdaipnhfphloamdjeclhmdko deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lfceeanojpgehnkjoaaanafpchkallbk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nnjinoooamigmmcaednonbfojdkjafnp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkbfpjcjiaepaefidojjphdcmhmdmepf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pkbfpjcjiaepaefidojjphdcmhmdmepf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPN Notifier deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Katka\AppData\Local\Mozilla\Firefox\Profiles\skzeq6q0.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1174 folders=225 56513589 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Katka\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Katka\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on so 15.11.2014 at 14:23:44,84 ======================
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
tady je první log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Katka (administrator) on KATKA-VAIO on 15-11-2014 14:42:02
Running from C:\Users\Katka\Downloads
Loaded Profile: Katka (Available profiles: Katka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Dropbox, Inc.) C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [650080 2011-03-15] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3911099993-2919891390-2577953599-1000\...\Run: [uTorrent] => C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {23FC3E82-C48C-4B33-9480-B673B54B58C6} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
SearchScopes: HKCU - {904EBC3A-6209-43AD-936F-FBB58DE86306} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {C5DA00F1-3BD7-47A8-9144-8578F1DABB38} URL = http://services.zinio.com/search?s={sea ... sonyslices
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\searchplugins-backup
FF Extension: Centrum doménový pomocník - C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\centrumpomocnik@centrum.cz [2014-03-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Profile: C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Dokumenty Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Disk Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (YouTube) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Adblock Plus) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Peněženka Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Gmail) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-21] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-24] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-05-14] ()
S1 jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 14:42 - 2014-11-15 14:43 - 00018273 _____ () C:\Users\Katka\Downloads\FRST.txt
2014-11-15 14:41 - 2014-11-15 14:42 - 00000000 ____D () C:\FRST
2014-11-15 14:41 - 2014-11-15 14:41 - 02116608 _____ (Farbar) C:\Users\Katka\Downloads\FRST64.exe
2014-11-15 14:41 - 2014-11-15 14:41 - 00112640 _____ (forum.viry.cz) C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload
2014-11-15 14:24 - 2014-11-15 14:24 - 00000000 ___RD () C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-15 14:20 - 2014-11-15 13:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-15 13:59 - 2014-11-15 14:23 - 00021000 _____ () C:\zoek-results.log
2014-11-15 13:57 - 2014-11-15 13:57 - 04124640 _____ () C:\Users\Katka\Downloads\zoek.zip
2014-11-15 13:56 - 2014-11-15 14:21 - 00000000 ____D () C:\zoek_backup
2014-11-15 13:56 - 2014-11-15 13:56 - 01294848 _____ () C:\Users\Katka\Downloads\zoek.exe
2014-11-15 13:39 - 2014-11-15 13:44 - 00000000 ____D () C:\AdwCleaner
2014-11-15 13:38 - 2014-11-15 13:38 - 02140160 _____ () C:\Users\Katka\Downloads\adwcleaner_4.101.exe
2014-11-15 13:21 - 2014-11-15 13:22 - 00000000 ____D () C:\rsit
2014-11-15 13:21 - 2014-11-15 13:21 - 01222144 _____ () C:\Users\Katka\Downloads\RSITx64.exe
2014-11-15 13:21 - 2014-11-15 13:21 - 00000000 ____D () C:\Program Files\trend micro
2014-11-12 03:03 - 2014-11-12 03:03 - 00000000 ____D () C:\346146de3a0d3ed821044f2534
2014-11-11 20:26 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 20:26 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 20:26 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 20:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 20:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 20:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 20:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 20:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 20:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 20:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 20:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 20:25 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 20:25 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 20:25 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 20:25 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 20:25 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 20:25 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 20:25 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 20:25 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 20:25 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 20:25 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 20:25 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 20:25 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:24 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 20:24 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-10-27 13:59 - 2014-10-27 13:59 - 00000000 ____D () C:\Users\Katka\AppData\Local\Sony Corporation
2014-10-27 13:56 - 2014-10-27 13:56 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 13:56 - 2014-10-27 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 15:15 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 15:15 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 15:14 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 15:14 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 15:14 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 15:14 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 15:14 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 15:14 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 15:14 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 15:14 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 14:34 - 2013-02-25 12:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 14:31 - 2012-05-07 15:51 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\uTorrent
2014-11-15 14:30 - 2013-03-15 18:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 14:30 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 14:30 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 14:28 - 2011-12-24 23:43 - 01673914 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 14:25 - 2013-03-15 18:11 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 14:25 - 2013-03-15 18:11 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 14:25 - 2013-03-15 18:11 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 14:24 - 2013-07-28 01:49 - 00000000 ___RD () C:\Users\Katka\Dropbox
2014-11-15 14:24 - 2013-07-27 14:30 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\Dropbox
2014-11-15 14:21 - 2014-01-30 20:26 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-15 14:21 - 2010-11-21 04:47 - 00291426 _____ () C:\Windows\PFRO.log
2014-11-15 14:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 14:21 - 2009-07-14 05:51 - 00151571 _____ () C:\Windows\setupact.log
2014-11-15 14:14 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-15 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-15 13:49 - 2013-07-28 01:49 - 00001019 _____ () C:\Users\Katka\Desktop\Dropbox.lnk
2014-11-15 13:49 - 2013-07-27 14:31 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 13:19 - 2012-01-07 13:16 - 00000000 ____D () C:\Users\Katka\AppData\Local\CrashDumps
2014-11-13 20:36 - 2013-02-25 12:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 20:36 - 2013-02-25 12:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-13 20:36 - 2011-08-19 11:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 20:33 - 2011-02-14 21:16 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-11-13 20:33 - 2011-02-14 21:16 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-11-13 20:33 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 20:13 - 2011-12-24 23:46 - 00132256 _____ () C:\Users\Katka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 20:12 - 2009-07-14 05:45 - 00478224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 21:56 - 2014-05-01 08:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 21:35 - 2012-01-06 17:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 03:03 - 2013-08-12 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:03 - 2012-03-12 21:49 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 20:13 - 2013-12-10 23:00 - 00271319 _____ () C:\Windows\IE11_main.log
2014-11-11 20:08 - 2012-01-21 14:05 - 00000000 ____D () C:\Users\Katka\Desktop\fotky
2014-11-10 21:06 - 2013-03-18 21:10 - 00000000 ____D () C:\Users\Katka\Desktop\hudba
2014-11-10 21:06 - 2012-08-30 14:30 - 00000000 ____D () C:\Users\Katka\Desktop\filmy
2014-11-05 20:17 - 2014-02-04 12:22 - 00000000 ____D () C:\Users\Katka\Desktop\platby
2014-11-01 20:33 - 2014-06-21 19:50 - 00000000 ____D () C:\Users\Katka\Desktop\taťka písničky
2014-11-01 20:33 - 2014-04-04 14:00 - 00000000 ____D () C:\The KMPlayer
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 10:25 - 2012-10-28 20:43 - 00000000 ____D () C:\Users\Katka\AppData\Local\PokerStars
2014-10-19 17:44 - 2012-10-28 20:43 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-10-17 14:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
Some content of TEMP:
====================
C:\Users\Katka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplbvlnu.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-28 17:26
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Katka (administrator) on KATKA-VAIO on 15-11-2014 14:42:02
Running from C:\Users\Katka\Downloads
Loaded Profile: Katka (Available profiles: Katka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Dropbox, Inc.) C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [650080 2011-03-15] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3911099993-2919891390-2577953599-1000\...\Run: [uTorrent] => C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Katka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {23FC3E82-C48C-4B33-9480-B673B54B58C6} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
SearchScopes: HKCU - {904EBC3A-6209-43AD-936F-FBB58DE86306} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {C5DA00F1-3BD7-47A8-9144-8578F1DABB38} URL = http://services.zinio.com/search?s={sea ... sonyslices
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\searchplugins\searchplugins-backup
FF Extension: Centrum doménový pomocník - C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\skzeq6q0.default\Extensions\centrumpomocnik@centrum.cz [2014-03-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Profile: C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Dokumenty Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Disk Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (YouTube) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Adblock Plus) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Peněženka Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Gmail) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-21] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-24] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-05-14] ()
S1 jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 14:42 - 2014-11-15 14:43 - 00018273 _____ () C:\Users\Katka\Downloads\FRST.txt
2014-11-15 14:41 - 2014-11-15 14:42 - 00000000 ____D () C:\FRST
2014-11-15 14:41 - 2014-11-15 14:41 - 02116608 _____ (Farbar) C:\Users\Katka\Downloads\FRST64.exe
2014-11-15 14:41 - 2014-11-15 14:41 - 00112640 _____ (forum.viry.cz) C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload
2014-11-15 14:24 - 2014-11-15 14:24 - 00000000 ___RD () C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-15 14:20 - 2014-11-15 13:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-15 13:59 - 2014-11-15 14:23 - 00021000 _____ () C:\zoek-results.log
2014-11-15 13:57 - 2014-11-15 13:57 - 04124640 _____ () C:\Users\Katka\Downloads\zoek.zip
2014-11-15 13:56 - 2014-11-15 14:21 - 00000000 ____D () C:\zoek_backup
2014-11-15 13:56 - 2014-11-15 13:56 - 01294848 _____ () C:\Users\Katka\Downloads\zoek.exe
2014-11-15 13:39 - 2014-11-15 13:44 - 00000000 ____D () C:\AdwCleaner
2014-11-15 13:38 - 2014-11-15 13:38 - 02140160 _____ () C:\Users\Katka\Downloads\adwcleaner_4.101.exe
2014-11-15 13:21 - 2014-11-15 13:22 - 00000000 ____D () C:\rsit
2014-11-15 13:21 - 2014-11-15 13:21 - 01222144 _____ () C:\Users\Katka\Downloads\RSITx64.exe
2014-11-15 13:21 - 2014-11-15 13:21 - 00000000 ____D () C:\Program Files\trend micro
2014-11-12 03:03 - 2014-11-12 03:03 - 00000000 ____D () C:\346146de3a0d3ed821044f2534
2014-11-11 20:26 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 20:26 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 20:26 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 20:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 20:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 20:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 20:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 20:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 20:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 20:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 20:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 20:25 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 20:25 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 20:25 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 20:25 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 20:25 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 20:25 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 20:25 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 20:25 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 20:25 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 20:25 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 20:25 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 20:25 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 20:25 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 20:25 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 20:25 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 20:25 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:24 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 20:24 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-10-27 13:59 - 2014-10-27 13:59 - 00000000 ____D () C:\Users\Katka\AppData\Local\Sony Corporation
2014-10-27 13:56 - 2014-10-27 13:56 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 13:56 - 2014-10-27 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 15:15 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 15:15 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 15:15 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 15:14 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 15:14 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 15:14 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 15:14 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 15:14 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 15:14 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 15:14 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 15:14 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 15:14 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 14:34 - 2013-02-25 12:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 14:31 - 2012-05-07 15:51 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\uTorrent
2014-11-15 14:30 - 2013-03-15 18:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 14:30 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 14:30 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 14:28 - 2011-12-24 23:43 - 01673914 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 14:25 - 2013-03-15 18:11 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 14:25 - 2013-03-15 18:11 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 14:25 - 2013-03-15 18:11 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 14:24 - 2013-07-28 01:49 - 00000000 ___RD () C:\Users\Katka\Dropbox
2014-11-15 14:24 - 2013-07-27 14:30 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\Dropbox
2014-11-15 14:21 - 2014-01-30 20:26 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-15 14:21 - 2010-11-21 04:47 - 00291426 _____ () C:\Windows\PFRO.log
2014-11-15 14:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 14:21 - 2009-07-14 05:51 - 00151571 _____ () C:\Windows\setupact.log
2014-11-15 14:14 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-15 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-15 13:49 - 2013-07-28 01:49 - 00001019 _____ () C:\Users\Katka\Desktop\Dropbox.lnk
2014-11-15 13:49 - 2013-07-27 14:31 - 00000000 ____D () C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 13:19 - 2012-01-07 13:16 - 00000000 ____D () C:\Users\Katka\AppData\Local\CrashDumps
2014-11-13 20:36 - 2013-02-25 12:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 20:36 - 2013-02-25 12:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-13 20:36 - 2011-08-19 11:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 20:33 - 2011-02-14 21:16 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-11-13 20:33 - 2011-02-14 21:16 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-11-13 20:33 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 20:13 - 2011-12-24 23:46 - 00132256 _____ () C:\Users\Katka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 20:12 - 2009-07-14 05:45 - 00478224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 21:56 - 2014-05-01 08:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 21:35 - 2012-01-06 17:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 03:03 - 2013-08-12 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:03 - 2012-03-12 21:49 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 20:13 - 2013-12-10 23:00 - 00271319 _____ () C:\Windows\IE11_main.log
2014-11-11 20:08 - 2012-01-21 14:05 - 00000000 ____D () C:\Users\Katka\Desktop\fotky
2014-11-10 21:06 - 2013-03-18 21:10 - 00000000 ____D () C:\Users\Katka\Desktop\hudba
2014-11-10 21:06 - 2012-08-30 14:30 - 00000000 ____D () C:\Users\Katka\Desktop\filmy
2014-11-05 20:17 - 2014-02-04 12:22 - 00000000 ____D () C:\Users\Katka\Desktop\platby
2014-11-01 20:33 - 2014-06-21 19:50 - 00000000 ____D () C:\Users\Katka\Desktop\taťka písničky
2014-11-01 20:33 - 2014-04-04 14:00 - 00000000 ____D () C:\The KMPlayer
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 10:25 - 2012-10-28 20:43 - 00000000 ____D () C:\Users\Katka\AppData\Local\PokerStars
2014-10-19 17:44 - 2012-10-28 20:43 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-10-17 14:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
Some content of TEMP:
====================
C:\Users\Katka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplbvlnu.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-28 17:26
==================== End Of Log ============================
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
nejde mi poslat aditional (velky pocet znaku) a ani jako priloha (nepodporuje txt soubory)
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Zabalte do archivu (rar/zip) a prilozte k dalsi odpovedi.Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
posilam aditional jako pdf
- Přílohy
-
- adt.pdf
- (386.94 KiB) Staženo 55 x
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Odinstalujte Skype Click to Call- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [] => [X] HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {23FC3E82-C48C-4B33-9480-B673B54B58C6} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q311&kw={searchTerms} SearchScopes: HKCU - {904EBC3A-6209-43AD-936F-FBB58DE86306} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194 SearchScopes: HKCU - {C5DA00F1-3BD7-47A8-9144-8578F1DABB38} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File S1 jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys [X] 2014-11-15 14:41 - 2014-11-15 14:41 - 00112640 _____ (forum.viry.cz) C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload 2014-11-15 14:20 - 2014-11-15 13:56 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-11-15 13:59 - 2014-11-15 14:23 - 00021000 _____ () C:\zoek-results.log 2014-11-15 13:57 - 2014-11-15 13:57 - 04124640 _____ () C:\Users\Katka\Downloads\zoek.zip 2014-11-15 13:56 - 2014-11-15 14:21 - 00000000 ____D () C:\zoek_backup 2014-11-15 13:56 - 2014-11-15 13:56 - 01294848 _____ () C:\Users\Katka\Downloads\zoek.exe 2014-11-15 14:30 - 2013-03-15 18:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-15 14:25 - 2013-03-15 18:11 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
posílám fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2014
Ran by Katka at 2014-11-15 15:16:00 Run:1
Running from C:\Users\Katka\Downloads
Loaded Profile: Katka (Available profiles: Katka)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {23FC3E82-C48C-4B33-9480-B673B54B58C6} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q311&kw={searchTerms}
SearchScopes: HKCU - {904EBC3A-6209-43AD-936F-FBB58DE86306} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {C5DA00F1-3BD7-47A8-9144-8578F1DABB38} URL = http://services.zinio.com/search?s={sea ... sonyslices
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S1 jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys [X]
2014-11-15 14:41 - 2014-11-15 14:41 - 00112640 _____ (forum.viry.cz) C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload
2014-11-15 14:20 - 2014-11-15 13:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-15 13:59 - 2014-11-15 14:23 - 00021000 _____ () C:\zoek-results.log
2014-11-15 13:57 - 2014-11-15 13:57 - 04124640 _____ () C:\Users\Katka\Downloads\zoek.zip
2014-11-15 13:56 - 2014-11-15 14:21 - 00000000 ____D () C:\zoek_backup
2014-11-15 13:56 - 2014-11-15 13:56 - 01294848 _____ () C:\Users\Katka\Downloads\zoek.exe
2014-11-15 14:30 - 2013-03-15 18:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 14:25 - 2013-03-15 18:11 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23FC3E82-C48C-4B33-9480-B673B54B58C6}" => Key deleted successfully.
"HKCR\CLSID\{23FC3E82-C48C-4B33-9480-B673B54B58C6}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{904EBC3A-6209-43AD-936F-FBB58DE86306}" => Key deleted successfully.
"HKCR\CLSID\{904EBC3A-6209-43AD-936F-FBB58DE86306}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5DA00F1-3BD7-47A8-9144-8578F1DABB38}" => Key deleted successfully.
"HKCR\CLSID\{C5DA00F1-3BD7-47A8-9144-8578F1DABB38}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
jprhebwv => Service deleted successfully.
C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\Katka\Downloads\zoek.zip => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Katka\Downloads\zoek.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 303.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2014
Ran by Katka at 2014-11-15 15:16:00 Run:1
Running from C:\Users\Katka\Downloads
Loaded Profile: Katka (Available profiles: Katka)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {23FC3E82-C48C-4B33-9480-B673B54B58C6} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q311&kw={searchTerms}
SearchScopes: HKCU - {904EBC3A-6209-43AD-936F-FBB58DE86306} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {C5DA00F1-3BD7-47A8-9144-8578F1DABB38} URL = http://services.zinio.com/search?s={sea ... sonyslices
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S1 jprhebwv; \??\C:\Windows\system32\drivers\jprhebwv.sys [X]
2014-11-15 14:41 - 2014-11-15 14:41 - 00112640 _____ (forum.viry.cz) C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload
2014-11-15 14:20 - 2014-11-15 13:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-15 13:59 - 2014-11-15 14:23 - 00021000 _____ () C:\zoek-results.log
2014-11-15 13:57 - 2014-11-15 13:57 - 04124640 _____ () C:\Users\Katka\Downloads\zoek.zip
2014-11-15 13:56 - 2014-11-15 14:21 - 00000000 ____D () C:\zoek_backup
2014-11-15 13:56 - 2014-11-15 13:56 - 01294848 _____ () C:\Users\Katka\Downloads\zoek.exe
2014-11-15 14:30 - 2013-03-15 18:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 14:25 - 2013-03-15 18:11 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23FC3E82-C48C-4B33-9480-B673B54B58C6}" => Key deleted successfully.
"HKCR\CLSID\{23FC3E82-C48C-4B33-9480-B673B54B58C6}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{904EBC3A-6209-43AD-936F-FBB58DE86306}" => Key deleted successfully.
"HKCR\CLSID\{904EBC3A-6209-43AD-936F-FBB58DE86306}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5DA00F1-3BD7-47A8-9144-8578F1DABB38}" => Key deleted successfully.
"HKCR\CLSID\{C5DA00F1-3BD7-47A8-9144-8578F1DABB38}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
jprhebwv => Service deleted successfully.
C:\Users\Katka\Downloads\Nepotvrzeno 649247.crdownload => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\Katka\Downloads\zoek.zip => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Katka\Downloads\zoek.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 303.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Moc děkuji, velmi si cením vaší pomoci. Pěkný den 
Re: Zpomaleny PC, nezadoucí reklama v prohlížeči
Nemate zac, rad jsem pomohl 
Preju Vam prijemny prodlouzeny vikend... mejte se
Preju Vam prijemny prodlouzeny vikend... mejte se
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?