Computer full of malware

Murdoc
Visitor
Posts: 25
Registered: 22 May 2010 06:58

#1 Post by Murdoc

Hello, I need to clean a neglected computer of malware. Advertising windows pop up in the browser, the home page has been changed, there are unnecessary toolbars in the toolbar area, and so on. Attempts to reinstall or restore were unsuccessful. Thank you in advance for your help.

I am attaching the log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by marek at 2014-12-07 20:06:58
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 97 GB (65%) free of 150 GB
Total RAM: 4094 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:03, on 7.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\marek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\SysWOW64\mjcm\dnkt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\marek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14546 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\dmwu.exe
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator64.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
szndesktop.exe default start
"C:\Users\marek\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "632425096-5495790661502697986-275654641-7648911852863039681559970078-1400956718
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\SysWOW64\mjcm\dnkt.exe"
"C:\Windows\System32\tprb\dnkt.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1 ... J9CB309112
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5324.0.1936944678\261979611" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.2.1135191561\579823048" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.3.5471233\299415781" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.4.1032192431\1881192903" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.5.2073440869\898584845" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.7.1941990681\553282430" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.9.91864771\185591292" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.10.1219231881\2057757458" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5324.12.1113839073\987178434" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.13.458054300\291966439" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.16.170802922\2080335060" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.19.451126916\699769283" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.20.1969091475\212423286" /prefetch:673131151

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ExtensionInstallVerification/Enforce/GoogleNow/Enable/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5324.21.2143636143\1083075232" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\marek\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\38e95a21-6562-4a93-ace9-b330ebca3e79.job - C:\Program Files (x86)\HD01-V2.1V22.09\38e95a21-6562-4a93-ace9-b330ebca3e79.exe 002128 2D86F3ED698F4FD7AB9612EDF1FD787DIE 63831 1411408603 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HD01-V2.1V22.09
C:\Windows\tasks\55154b6a-574f-4b32-995b-1aea35db1e57-11.job - C:\Program Files (x86)\HD01-V2.1V22.09\55154b6a-574f-4b32-995b-1aea35db1e57-11.exe /rawdata=[base64 argument removed]
C:\Windows\tasks\55154b6a-574f-4b32-995b-1aea35db1e57-3.job - C:\Program Files (x86)\HD01-V2.1V22.09\55154b6a-574f-4b32-995b-1aea35db1e57-3.exe /rawdata=[base64 argument removed]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\marek\AppData\Local\16929\Updater.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\temp_38e95a21-6562-4a93-ace9-b330ebca3e79.job - C:\Program Files (x86)\HD01-V2.1V22.09\38e95a21-6562-4a93-ace9-b330ebca3e79.exe 002128 2D86F3ED698F4FD7AB9612EDF1FD787DIE 63831 1411408603 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HD01-V2.1V22.09

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PRO [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419c3-dad0-4df1-ac37-22c72ad81878}]
LemurLeap - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Pro [2012-12-03 6527128]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Pro [2012-12-03 6527128]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Pro [2012-12-03 6527128]
{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Pro [2012-12-03 6527128]
"AdobeAAMUpdater-1.0"=C:\Pro [2012-12-03 6527128]
"VideoDownloadConverter Home Page Guard 64 bit"=C:\PRO [2012-12-03 6527128]
""= []
"AdAwareTray"=C:\Pro [2012-12-03 6527128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Pro [2012-12-03 6527128]
"cz.seznam.software.autoupdate"=C:\Users\marek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Handy Updater"=C:\Pro [2012-12-03 6527128]
"swg"=C:\Pro [2012-12-03 6527128]
"TomTomHOME.exe"=C:\Pro [2012-12-03 6527128]
"CCleaner Monitoring"=C:\Pro [2012-12-03 6527128]
"Web Companion"=C:\Pro [2012-12-03 6527128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Pro [2012-12-03 6527128]
"ZyngaGamesAgent"=C:\Pro [2012-12-03 6527128]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"Adobe ARM"=C:\Pro [2012-12-03 6527128]
"WinampAgent"=C:\Pro [2012-12-03 6527128]
""= []
"ApnUpdater"=C:\Pro [2012-12-03 6527128]
"SweetIM"=C:\Pro [2012-12-03 6527128]
"Sweetpacks Communicator"=C:\Pro [2012-12-03 6527128]
"seznam-listicka-distribuce"=C:\Pro [2012-12-03 6527128]
"VideoDownloadConverter Search Scope Monitor"=C:\PRO [2012-12-03 6527128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-07 20:06:58 ----D---- C:\rsit
2014-12-07 20:06:58 ----D---- C:\Program Files\trend micro
2014-12-02 06:50:27 ----A---- C:\awh6F07.tmp
2014-12-01 16:16:04 ----A---- C:\awh690E.tmp
2014-12-01 12:21:07 ----A---- C:\awhFD9.tmp
2014-12-01 09:11:42 ----A---- C:\awh139F.tmp
2014-11-30 07:42:48 ----A---- C:\awh7AD.tmp
2014-11-29 16:43:02 ----A---- C:\awh3D9B.tmp
2014-11-28 20:35:20 ----A---- C:\awh20F7.tmp
2014-11-28 16:39:30 ----A---- C:\Windows\SYSWOW64\installd.exe
2014-11-28 16:39:12 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2014-11-28 16:39:02 ----A---- C:\Windows\SYSWOW64\hfpapi.dll
2014-11-26 20:50:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-11-19 11:57:21 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:57:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:57:21 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:57:21 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 11:55:45 ----A---- C:\awh3B3B.tmp
2014-11-19 08:20:57 ----A---- C:\awh7703.tmp
2014-11-18 18:19:44 ----A---- C:\awh705E.tmp
2014-11-18 14:35:31 ----A---- C:\awh6E3C.tmp
2014-11-17 16:57:31 ----A---- C:\awh2F49.tmp
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-16 13:52:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-16 13:52:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-16 13:52:18 ----A---- C:\Windows\system32\iernonce.dll
2014-11-16 13:52:18 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-16 13:52:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-16 13:52:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-16 13:52:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-16 13:52:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-16 13:52:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-16 13:52:17 ----A---- C:\Windows\system32\msrating.dll
2014-11-16 13:52:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-16 13:52:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-16 13:52:17 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-16 13:52:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-16 13:52:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-16 13:52:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-16 13:52:15 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-16 13:52:15 ----A---- C:\Windows\system32\iesetup.dll
2014-11-16 13:52:14 ----A---- C:\Windows\system32\ieui.dll
2014-11-16 13:52:14 ----A---- C:\Windows\system32\iertutil.dll
2014-11-16 13:52:13 ----A---- C:\Windows\system32\ieframe.dll
2014-11-16 13:52:12 ----A---- C:\Windows\system32\wininet.dll
2014-11-16 13:52:12 ----A---- C:\Windows\system32\mshtml.dll
2014-11-16 13:52:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-16 13:52:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-16 13:52:10 ----A---- C:\Windows\system32\jscript9.dll
2014-11-16 13:52:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-16 13:52:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-16 13:52:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-11-16 13:52:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-16 13:52:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-16 13:52:08 ----A---- C:\Windows\system32\vbscript.dll
2014-11-16 13:52:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-11-16 13:52:08 ----A---- C:\Windows\system32\jscript.dll
2014-11-16 13:52:08 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 19:28:15 ----D---- C:\searchplugins
2014-11-15 19:28:06 ----A---- C:\prefs.js
2014-11-15 19:23:49 ----D---- C:\Users\marek\AppData\Roaming\LavasoftStatistics
2014-11-15 19:23:37 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2014-11-15 19:23:37 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.ini
2014-11-15 19:23:37 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-15 19:23:31 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2014-11-15 19:23:25 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2014-11-15 19:23:04 ----D---- C:\Program Files (x86)\Lavasoft
2014-11-15 19:22:11 ----D---- C:\Users\marek\AppData\Roaming\Lavasoft
2014-11-15 19:19:45 ----D---- C:\Program Files\Lavasoft
2014-11-15 19:18:11 ----D---- C:\Program Files\Common Files\Lavasoft
2014-11-15 19:17:08 ----D---- C:\ProgramData\Lavasoft
2014-11-15 19:16:12 ----A---- C:\awh667.tmp
2014-11-15 18:55:40 ----A---- C:\awh878.tmp
2014-11-15 15:21:16 ----A---- C:\awh51E.tmp
2014-11-15 13:23:54 ----A---- C:\awhCEB.tmp
2014-11-15 12:35:13 ----A---- C:\awh9C.tmp
2014-11-15 09:30:51 ----A---- C:\awh4DD1.tmp
2014-11-13 14:36:25 ----A---- C:\awh231A.tmp
2014-11-12 16:11:26 ----A---- C:\awh8B8C.tmp
2014-11-12 14:49:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 14:49:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 14:49:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 14:49:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 14:49:47 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 14:49:47 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 14:49:47 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 14:49:47 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 14:49:47 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 14:48:18 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 14:48:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 14:48:17 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 14:48:17 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 14:48:16 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 14:48:16 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 14:48:14 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 14:48:14 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 14:48:14 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 14:48:14 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 14:48:14 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 14:48:14 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 14:48:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 14:48:14 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 14:48:14 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 14:48:14 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 14:48:09 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 14:48:09 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 14:48:09 ----A---- C:\Windows\system32\packager.dll
2014-11-12 14:48:07 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 14:48:07 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 14:46:17 ----A---- C:\awh4B3.tmp
2014-11-11 15:36:02 ----A---- C:\awh30C.tmp
2014-11-10 18:15:41 ----A---- C:\awhFC29.tmp
2014-11-10 14:23:36 ----A---- C:\awhF90D.tmp
2014-11-09 09:41:18 ----A---- C:\awh59B.tmp
2014-11-08 18:04:54 ----A---- C:\awh2BE.tmp
2014-11-08 16:43:33 ----A---- C:\awhFD13.tmp
2014-11-08 10:36:09 ----A---- C:\awh195.tmp

======List of files/folders modified in the last 1 month======

2014-12-07 20:07:01 ----D---- C:\Windows\Prefetch
2014-12-07 20:06:59 ----D---- C:\Windows\Temp
2014-12-07 20:06:58 ----RD---- C:\Program Files
2014-12-07 18:30:43 ----D---- C:\Windows\system32\config
2014-12-07 18:21:46 ----D---- C:\Users\marek\AppData\Roaming\Seznam.cz
2014-12-07 18:21:03 ----D---- C:\Windows\System32
2014-12-07 18:21:03 ----D---- C:\Windows\inf
2014-12-07 18:21:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-07 18:16:34 ----D---- C:\Windows\SysWOW64
2014-12-07 18:16:29 ----D---- C:\ProgramData\NVIDIA
2014-12-05 16:43:11 ----D---- C:\Windows\system32\catroot2
2014-12-05 16:43:07 ----SHD---- C:\System Volume Information
2014-12-03 18:19:38 ----D---- C:\Windows\system32\NDF
2014-12-03 14:20:14 ----D---- C:\Windows\system32\drivers
2014-11-26 20:50:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-19 14:07:52 ----D---- C:\Windows\winsxs
2014-11-19 11:55:29 ----D---- C:\Windows\system32\catroot
2014-11-17 12:43:04 ----D---- C:\Users\marek\AppData\Roaming\vlc
2014-11-17 08:47:25 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-17 08:47:24 ----D---- C:\Program Files\Internet Explorer
2014-11-16 17:00:14 ----D---- C:\Windows\rescache
2014-11-16 13:47:28 ----SHD---- C:\Windows\Installer
2014-11-16 13:47:23 ----RD---- C:\Program Files (x86)
2014-11-16 13:47:23 ----HD---- C:\ProgramData
2014-11-15 20:10:47 ----D---- C:\Windows
2014-11-15 19:39:50 ----D---- C:\ProgramData\WPM
2014-11-15 19:38:34 ----D---- C:\Program Files (x86)\SupTab
2014-11-15 19:18:11 ----D---- C:\Program Files\Common Files
2014-11-15 19:05:45 ----D---- C:\Windows\SYSWOW64\migration
2014-11-15 19:05:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 19:05:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 19:05:45 ----D---- C:\Windows\system32\migration
2014-11-15 19:05:45 ----D---- C:\Windows\system32\en-US
2014-11-15 19:05:45 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 19:05:45 ----D---- C:\Windows\PolicyDefinitions
2014-11-15 18:58:05 ----D---- C:\Users\marek\AppData\Roaming\istartsurf
2014-11-15 18:54:48 ----D---- C:\Windows\system32\Tasks
2014-11-15 18:54:48 ----D---- C:\Program Files\CCleaner
2014-11-15 18:53:30 ----D---- C:\Windows\SoftwareDistribution
2014-11-15 18:52:22 ----D---- C:\Users\marek\AppData\Roaming\Winamp
2014-11-15 18:52:08 ----D---- C:\Windows\Minidump
2014-11-15 18:52:08 ----D---- C:\Windows\debug
2014-11-12 16:46:08 ----D---- C:\Windows\Microsoft.NET
2014-11-12 16:46:02 ----RSD---- C:\Windows\assembly
2014-11-12 15:52:32 ----D---- C:\Windows\system32\MRT
2014-11-12 15:49:44 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-07-03 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-12-07 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-02 2536040]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 a7c9c8g2;a7c9c8g2; C:\Windows\system32\drivers\a7c9c8g2.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2013-01-29 30528]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2014-07-10 389240]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Pro [2012-12-03 6527128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Pro [2012-12-03 6527128]
R2 ES lite Service;ES lite Service for program management.; C:\Pro [2012-12-03 6527128]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2014-09-17 2930992]
R2 JMB36X;JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Pro [2012-12-03 6527128]
R2 LavasoftTcpService;LavasoftTcpService; C:\Pro [2012-12-03 6527128]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 SCBackService;Splashtop Connect Service; C:\Pro [2012-12-03 6527128]
R2 SearchProtectionService;IE Search Set; C:\Pro [2012-12-03 6527128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Pro [2012-12-03 6527128]
R2 TomTomHOMEService;TomTomHOMEService; C:\Pro [2012-12-03 6527128]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PRO [2012-12-03 6527128]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service; C:\Pro [2012-12-03 6527128]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Pro [2012-12-03 6527128]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\Pro [2012-12-03 6527128]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Pro [2012-12-03 6527128]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Pro [2012-12-03 6527128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26 267440]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Pro [2012-12-03 6527128]
S3 gusvc;Google Software Updater; C:\Pro [2012-12-03 6527128]
S3 IDriverT;InstallDriver Table Manager; C:\Pro [2012-12-03 6527128]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Pro [2012-12-03 6527128]
S3 odserv;Microsoft Office Diagnostics Service; C:\Pro [2012-12-03 6527128]
S3 ose;Office Source Engine; C:\Pro [2012-12-03 6527128]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-04 1255736]

-----------------EOF-----------------

altrok
Moderator
Posts: 7321
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer full of malware

#2 Post by altrok »

I wish you a pleasant Sunday evening :bye:

:arrow: Uninstall
  • McAfee Security Scan
  • Google Toolbar
  • Seznam Software - listicka, postak, etc.
:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply to me
:arrow: Save zoek.exe to your desktop http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script given below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log) - paste it into your next reply to me

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Murdoc
Visitor
Posts: 25
Joined: 22 May 2010 06:58

Re: Computer full of malware

#3 Post by Murdoc »

Thanks for the tips. I admit that I am a complete beginner in this respect. Still, I think I managed to obtain both logs by following your instructions. Hopefully I didn't...

Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by marek on st 10.12.2014 at 19:01:01,91.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\marek\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

10.12.2014 19:01:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\TomTom DesktopSuite deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Solidshield deleted successfully
C:\Users\marek\AppData\Local\VirtualStore deleted successfully
C:\Users\marek\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2854584554-3035274672-59398493-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2854584554-3035274672-59398493-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\xz123@ya456.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release1276.net deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\marek\AppData\Local\16929 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\20092 deleted
C:\Users\marek\AppData\LocalLow\uTorrentBar deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\sweetpacks bundle uninstaller_SweetPlayer_1348381 deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\prefs.js deleted
C:\Users\marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\337 GAMES.lnk deleted
C:\Users\marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\337 GAMES.lnk deleted
C:\Users\marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\337 GAMES.lnk deleted
C:\Users\marek\AppData\Roaming\Splashtop deleted
C:\PROGRA~3\Splashtop deleted
C:\Users\marek\Downloads\iLividSetup-r1720-n-bc.exe deleted
C:\Users\marek\Downloads\SweetIMSetup.exe deleted
C:\Users\marek\Downloads\SoftonicDownloader_for_talking-tom-cat.exe deleted
C:\Users\marek\AppData\LocalLow\SkwConfig.bin deleted
C:\windows\SysNative\tasks\temp_38e95a21-6562-4a93-ace9-b330ebca3e79 deleted
C:\Windows\tasks\temp_38e95a21-6562-4a93-ace9-b330ebca3e79.job deleted
C:\Windows\Syswow64\mjcm deleted
C:\windows\SysNative\tprb deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\hfnapi.dll deleted
C:\Users\Public\Desktop\MP3 Downloader.lnk deleted
C:\Users\marek\Desktop\Continue installation - %appname% Installation.lnk deleted
C:\Users\marek\Desktop\337 GAMES.lnk deleted
"C:\Windows\Installer\6d09b.msi" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll" deleted
"C:\PROGRA~2\Splashtop" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect Firefox Software Updater" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\marek\AppData\Local\Temp ====
2014-12-10 17:41:17 091235F94956B7824F2FDC73E0288BB1 534528 ----a-w- C:\Users\marek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2014-12-10 17:38:40 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll
2014-12-10 17:38:40 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe
2014-12-10 17:38:40 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll
2014-12-10 17:38:40 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll
2014-12-10 17:38:40 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll
2014-11-28 18:32:01 E9A1E88EB45D2F0BBFD98EFF7DE42ACF 765440 ----a-w- C:\Users\marek\AppData\Local\Temp\srv83385.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-10 14:21:47 50F36BAEDF56CCC4367C975451479211 14364672 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-12-10 14:21:45 DEE4ECED282D6F1F067F49E216EBE789 361984 ----a-w- C:\Windows\SysWOW64\html.iec
2014-12-10 14:21:44 727A70DA965A764353985C2FA8082A4F 13758976 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-12-10 14:21:43 A224B820E7C9C6DAFBF583B9B789A2FC 523264 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-12-10 14:21:43 924D4E490B8772F4A4D9350F72756784 1181696 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-12-10 14:21:43 36897C279E22BC5671B6CFB70B86D092 2054656 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-12-10 14:21:43 2BB8BC3DF1BE3F384931021E7D8331E4 1762816 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-12-10 14:21:42 F47A0D87C71BE0A02AA651631DFD2D19 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-12-10 14:21:42 B2D53AF974D63457079519E85DB0BDCA 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
2014-12-10 14:21:42 B14D3A6181DF913518E118820660EEB8 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 14:21:42 AE1DFAAA1C6F63458781818FC7B91F5E 1441280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 14:21:42 AB6BCCAD359BC856D25DE8E24EDEB28B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2014-12-10 14:21:42 9C81053094E0E261BEB00F819BF2FD11 2861568 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-12-10 14:21:42 37BE69922168AFB6FE670130DDFB5B89 226816 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 14:21:41 D212F4FC0125511F78605CA25BCF2118 80384 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 14:21:41 A1246471DC24E227A692AAAA1E6E4E19 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 14:21:41 95DB60B7C34D03BF5AD29108DA33B986 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 14:21:41 8CFF3C79C48458398A9B33B85977EF0C 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-10 14:21:41 7DC8C56ACCB1E924AA280BC4DE36E3A7 357888 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 14:21:41 54B6FF5C83264E126F452B67C6A6D227 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-12-10 14:21:41 4A982801D55D2BA46CB449E05419864D 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-12-10 14:21:41 45F9ADEC5CDE7EF2E163456B607A5468 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-12-10 14:21:41 0E75B6A37993DCF97D1C50C1EABE0EEE 226816 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 14:21:17 E1456E7396022EBE4E5434188D1AC8B0 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-11-26 19:50:04 CE264DCB3C45C06F6F04CBB37F9EB948 3540144 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-10 14:21:48 BCF7FA61D9CAC73246D82137638D5DC6 19283456 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-12-10 14:21:45 8BCC246F6A71B89339F4EE5513D2EAA5 441856 ----a-w- C:\Windows\Sysnative\html.iec
2014-12-10 14:21:45 3CE2333D4AFD1CC0A5CBD180786A2306 15400960 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-12-10 14:21:43 C6149EF71171F2A592F0B2599212ECB0 600576 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-12-10 14:21:43 BA2432BDE57C27673047F09F77E2B06B 2655232 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-12-10 14:21:43 B3368AE3156B28B10566C511B0F4F328 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-12-10 14:21:43 AB60DE2BADBBAB609AEB45DFF8A0B348 1409536 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-12-10 14:21:43 A1A85CF86615203447E05F81D84EFEA2 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
2014-12-10 14:21:43 7E5EFE2543E98D7D6A6557ED704D3DD6 2237952 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-12-10 14:21:42 E97428B9E1D014FC8423D4C8652027E4 255488 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-12-10 14:21:42 E79F88BD7D3B0030831A33895D2EC48C 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-12-10 14:21:42 DE95F90F4CBBB7B61BBADA7CCDAECBD8 97280 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-12-10 14:21:42 D9EEE1D8F9437EAF419225344FA33F56 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2014-12-10 14:21:42 B2AB6177F165F6406C1FF584DBEBBFA8 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-12-10 14:21:42 ACCABC53006CD62D6110E84A340FEFB9 1509376 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-12-10 14:21:41 D3486D21223EA67722342F414E8625AF 451584 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-12-10 14:21:41 A0DCEB078020B6D0D7AB3512A0F59D6C 281600 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-12-10 14:21:41 9F518C52560E54F667D4BA807B6EE0E2 197120 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-12-10 14:21:41 51208D0F32FFE944C7FDD875CF2F7298 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2014-12-10 14:21:41 4FE1C342399D0C7D6A86F426688F6A91 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-12-10 14:21:41 4EF2DC6E6926F9C8E57E1022358A34E3 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-12-10 14:21:41 30EBCA6157B0A6D6F73385EBAC2FA712 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-12-10 14:21:41 2FF748C3C69BB00450B29665A7C29C63 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-12-10 14:21:41 0EDBA99E21EDEB959884797642C07F29 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-12-10 14:21:17 A9A0BFD706B3A24C403EEFEB0790D011 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
====== C:\Windows\Sysnative\drivers =====
2014-11-12 13:49:47 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-12-07 19:06:58 -------- d-----w- C:\Program Files\trend micro
2014-11-15 18:19:45 -------- d-----w- C:\Program Files\Lavasoft
2014-11-15 18:18:11 -------- d-----w- C:\Program Files\Common Files\Lavasoft
======= C:\PROGRA~2 =====
2014-11-15 18:23:04 -------- d-----w- C:\PROGRA~2\Lavasoft
======= C: =====
====== C:\Users\marek\AppData\Roaming ======
2014-11-15 18:42:13 EE56584F921140C1EDBB3E3BE3636434 536440 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-11-15 18:23:49 -------- d-----w- C:\Users\marek\AppData\Roaming\LavasoftStatistics
2014-11-15 18:23:41 -------- d-----w- C:\Users\marek\AppData\Local\Lavasoft
2014-11-15 18:22:11 -------- d-----w- C:\Users\marek\AppData\Roaming\Lavasoft
2014-11-12 15:08:55 -------- d-sh--w- C:\Users\marek\AppData\Local\EmieBrowserModeList
====== C:\Users\marek ======
2014-12-10 17:48:14 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\marek\Downloads\adwcleaner_4.105.exe
2014-12-07 19:06:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\marek\Downloads\RSITx64.exe
2014-12-03 17:51:10 E343BC01020BE676BA2CDEE0FCDC3AA0 571048 ----a-w- C:\Users\marek\Downloads\Installation.exe
2014-12-02 15:24:58 A3D9E1DA5452927D5C9995C5E3E9367F 571232 ----a-w- C:\Users\marek\Downloads\installer_adobe_flash_player_English.exe
2014-11-15 18:21:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-11-15 18:17:08 -------- d-----w- C:\ProgramData\Lavasoft

====== C: exe-files ==
2014-12-10 17:48:14 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\marek\Downloads\adwcleaner_4.105.exe
2014-12-10 17:41:17 091235F94956B7824F2FDC73E0288BB1 534528 ----a-w- C:\Users\marek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2014-12-10 17:38:40 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\marek\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe
2014-12-10 14:21:43 55F99137468CF692802C7C192C422F2C 770704 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-12-10 14:21:42 6BF8F430BCE8D474880389D111E25964 775312 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-12-10 14:21:41 E628EF5D8D8E9ED59E5907540468F9BA 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-12-10 14:21:41 91555BDD8628B7FE3A823C4D1CB705FE 485376 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-12-10 14:21:41 8CFF3C79C48458398A9B33B85977EF0C 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-10 14:21:41 51208D0F32FFE944C7FDD875CF2F7298 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-12-10 14:21:41 30EBCA6157B0A6D6F73385EBAC2FA712 51712 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-12-07 19:06:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\marek.exe
2014-12-07 19:06:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\marek\Downloads\RSITx64.exe
=== C: other files ==
2014-12-09 17:09:08 86A0D7AF1EBBB8C01420B34FAAB986D1 79947 ----a-w- C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K6JKBCPN\bekle[1].zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2854584554-3035274672-59398493-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Handy Updater"="C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
"ZyngaGamesAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Handy Updater"="C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"VideoDownloadConverter Home Page Guard 64 bit"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe"
"AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe"

==== Startup Folders ======================


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09.12.2014 19:50]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{d9284e50-81fc-11da-a72b-0800200c9a66}"="C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\marek\AppData\Roaming\TomTom\HOME\Profiles\ah3xf4f4.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

alakoggmijiicdlcjjeakffojoinhlpg - marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\alakoggmijiicdlcjjeakffojoinhlpg
Google Wallet - marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.icmwebserv.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apnwidgets.ask.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.globososo.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.vi-view.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{85A60A59-D3D8-468F-B598-FB4393789EF4} Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HandyUpdater deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\DB8241D62F5E87346B027E44E2C7B2BF deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EICGLQ35 will be deleted at reboot
C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KLFFOPSM will be deleted at reboot
C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N8XSBHWP will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1378 folders=346 194130631 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\marek\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\marek\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Splashtop" not found
"C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EICGLQ35" not found
"C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KLFFOPSM" not found
"C:\Users\marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N8XSBHWP" not found

==== EOF on st 10.12.2014 at 19:13:53,78 ======================


# AdwCleaner v4.105 - Report created 10/12/2014 at 18:50:08
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : marek - MAREK-PC
# Running from : C:\Users\marek\Downloads\adwcleaner_4.105.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IBUpdaterService
Service Found : SCBackService
Service Found : VideoDownloadConverter_4zService
Service Found : WindowsMangerProtect

***** [ Files / Folders ] *****

File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage-journal
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage-journal
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage
File Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage-journal
File Found : C:\Users\marek\AppData\LocalLow\SkwConfig.bin
File Found : C:\Windows\System32\dmwu.exe
File Found : C:\Windows\System32\ImhxxpComm.dll
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
File Found : C:\Windows\SysWOW64\hfpapi.dll
File Found : C:\Windows\SysWOW64\installd.exe
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\LemurLeap
Folder Found : C:\Program Files (x86)\sitefinder
Folder Found : C:\Program Files (x86)\SupTab
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\sweetpacks bundle uninstaller
Folder Found : C:\Program Files (x86)\video download converter
Folder Found : C:\Program Files (x86)\VideoDownloadConverter_4z
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\eSafe
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\video download converter
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\ProgramData\WPM
Folder Found : C:\Users\marek\AppData\Local\Conduit
Folder Found : C:\Users\marek\AppData\Local\globalUpdate
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Folder Found : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
Folder Found : C:\Users\marek\AppData\Local\iac
Folder Found : C:\Users\marek\AppData\Local\SwvUpdater
Folder Found : C:\Users\marek\AppData\Local\Temp\apn
Folder Found : C:\Users\marek\AppData\Local\VideoDownloadConverter_4z
Folder Found : C:\Users\marek\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\marek\AppData\LocalLow\Conduit
Folder Found : C:\Users\marek\AppData\LocalLow\PriceGong
Folder Found : C:\Users\marek\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\marek\AppData\LocalLow\VideoDownloadConverter_4z
Folder Found : C:\Users\marek\AppData\Roaming\337Games
Folder Found : C:\Users\marek\AppData\Roaming\eUpdate
Folder Found : C:\Users\marek\AppData\Roaming\istartsurf
Folder Found : C:\Users\marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Folder Found : C:\Users\marek\AppData\Roaming\OpenCandy
Folder Found : C:\Users\marek\AppData\Roaming\SimilarSites
Folder Found : C:\Users\marek\AppData\Roaming\SupTab
Folder Found : C:\Users\marek\Documents\video download converter
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Found : C:\Windows\System32\ljkb
Folder Found : C:\Windows\SysWOW64\ARFC
Folder Found : C:\Windows\SysWOW64\jmdp
Folder Found : C:\Windows\SysWOW64\WNLT

***** [ Scheduled Tasks ] *****

Task Found : AmiUpdXp
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : Scheduled Update for Ask Toolbar
Task Found : 38e95a21-6562-4a93-ace9-b330ebca3e79
Task Found : 55154b6a-574f-4b32-995b-1aea35db1e57-11
Task Found : 55154b6a-574f-4b32-995b-1aea35db1e57-3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.istartsurf.com/?type=sc&ts=14114085 ... J9CB309112
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1379780995
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\LemurLeap
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SupHpUISoft
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\VideoDownloadConverter_4z
Key Found : HKCU\Software\WNLT
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\LemurLeap
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\VideoDownloadConverter_4z
Key Found : [x64] HKCU\Software\WNLT
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Found : HKLM\SOFTWARE\Classes\STC.Protocol
Key Found : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Found : HKLM\SOFTWARE\Classes\STC.WebObject
Key Found : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\delta-homesSoftware
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\LemurLeap
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Firefox
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Internet Explorer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\qvo6Software
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\VideoDownloadConverter_4z
Key Found : HKLM\SOFTWARE\WNLT
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LemurLeap
Key Found : [x64] HKLM\SOFTWARE\WNLT
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www.qvo6.com/newtab/?utm_source=b&utm_m ... 1379780995

-\\ Google Chrome v35.0.1916.153

[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=SAMSUNGXHD103SJ_S246J9CB309112&ts=1379780996&type=default&q={searchTerms}
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&i=48&did=11034&ppd=1434,122991,20uQ2j4e.Fdr9aOJ0QkFw21wTfOg000.,,,,sweet-player,,,www.sweetplayer.com&barid=92826532709675650
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402580987&from=wpm0612&uid=SAMSUNGXHD103SJ_S246J9CB309112&q={searchTerms}
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.search.ask.com/web?tpid=ATU4&o=APN1 ... earchTerms}
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ainbkicbloikcngphmjfpjdemblcojdd
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : cekcjpgehmohobmdiikfnopibipmgnml
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : jlnfdbbladgcmhhamgkioifhbobjaoof
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://www.istartsurf.com/?type=hp&ts=14114085 ... J9CB309112
[C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://www.sweetpacks-search.com/?barid=&src=10&&st=23

*************************

AdwCleaner[R0].txt - [51069 octets] - [10/12/2014 18:50:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [51130 octets] ##########

altrok
Moderator
Posts: 7321
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer full of malware

#4 Post by altrok »

:arrow: Excellent, the computer is lighter already :D

:arrow: Run AdwCleaner again... click Scan and then Clean. Post the log here :)
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.

Murdoc
Visitor
Posts: 25
Joined: 22 May 2010 06:58

Re: Computer full of malware

#5 Post by Murdoc »

I have no idea what this log says, but given that it is considerably shorter than the previous one, it is probably good. All the ads on the internet have disappeared, and nothing opens on its own. I set my home page again. It shows up without problems as the only tab, with no other unwanted ones.
I definitely have to admit that you know your field. Many thanks.
Now I just need to avoid getting it infected again.
Shouldn't I work on raising the level of security in some way?

# AdwCleaner v4.105 - Report created 11/12/2014 at 19:40:49
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : marek - MAREK-PC
# Running from : C:\Users\marek\Downloads\adwcleaner_4.105 (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : [x64] HKLM\SOFTWARE\WNLT

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Google Chrome v35.0.1916.153


*************************

AdwCleaner[R0].txt - [51695 octets] - [10/12/2014 18:50:08]
AdwCleaner[R1].txt - [1376 octets] - [11/12/2014 19:39:31]
AdwCleaner[S0].txt - [52232 octets] - [10/12/2014 18:51:55]
AdwCleaner[S1].txt - [1267 octets] - [11/12/2014 19:40:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1327 octets] ##########
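
The AdwCleaner reports posted in this thread use a regular line format, so they can be triaged mechanically. The following Python code is an added example, not part of the original posts and not AdwCleaner's own code; the sample report and the category names (`autostart`, `ie_hook`, `chrome_setting`) are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the AdwCleaner report layout seen in this thread.
SAMPLE = r"""***** [ Registry ] *****

Key Found : HKCU\Software\ExampleToolbar
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ExampleUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{00000000-0000-0000-0000-000000000000}]

***** [ Browsers ] *****

-\\ Google Chrome v35.0.1916.153

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.example.invalid/?q={searchTerms}
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Startup_URLs] : hxxp://start.example.invalid/
"""

SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")       # ***** [ Registry ] *****
BROWSER = re.compile(r"^-\\\\ (.+)$")                     # -\\ Google Chrome v35...
ENTRY = re.compile(r"^(\w+) (Found|Deleted) : (.+)$")     # Key Found : HKLM\...
PROFILE = re.compile(r"^\[(.+?)\] - Found \[(.+?)\] : (.+)$")  # [file] - Found [kind] : value

def parse_report(text):
    """Return one dict per finding, tagged with its section and browser."""
    section = browser = None
    findings = []
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            section, browser = m.group(1), None
        elif m := BROWSER.match(line):
            browser = m.group(1)
        elif m := ENTRY.match(line):
            findings.append({"section": section, "browser": browser, "kind": m.group(1),
                             "action": m.group(2), "target": m.group(3)})
        elif m := PROFILE.match(line):
            findings.append({"section": section, "browser": browser, "kind": m.group(2),
                             "action": "Found", "target": m.group(3)})
    return findings

def classify(finding):
    """Name the persistence mechanism a finding points at (coarse, by path)."""
    target = finding["target"].lower()
    if r"\currentversion\run [" in target:
        return "autostart"           # program launched at every logon
    if r"\internet explorer\urlsearchhooks" in target or r"\internet explorer\toolbar" in target:
        return "ie_hook"             # COM object loaded into Internet Explorer
    if finding["kind"] in ("Search Provider", "Startup_URLs", "Extension"):
        return "chrome_setting"      # entry stored in the Chrome profile
    return "other"

def triage(text):
    return Counter(classify(f) for f in parse_report(text))
```

Comparing the `triage` counts of a scan report with those of the report taken after cleaning shows at a glance whether any autostart or browser-hook entries survived.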

altrok
Moderator
Posts: 7321
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Computer full of malware

#6 Post by altrok »

:arrow: Uninstall Ad-Aware and then the other applications from Lavasoft as well. Now install a proven antivirus... e.g. avast! Free or Avira. Most of the junk you had on the PC you installed there (un)knowingly along with other software. For example, the well-known player BSplayer pushes toolbars and a change of home page on you... a textbook example of how to avoid this:

After starting the installation, you choose whether you want to play videos and audio tracks with BSplayer - everything is fine here.

Image

In the next and final step, BSplayer offers you 2 basic options
  • the so-called Full installation including the toolbar and browser modification (home page etc.), or
  • installation of the toolbar and optional browser modification as in the previous item
Look at the image carefully, because both options are bad! In the second option you can decline the home page change, but you still agree to installing the toolbar (a browser add-on) :!:

Image

But we do not want to install the toolbar either, so we click the Skip button, which skips the toolbar installation, and BSplayer Free is installed without the unnecessary extras.


Lesson learned
During installation, the Skip option often takes the place of the usual Back button.
Read what you are agreeing to, and try to keep your brain faster than your fingers.

:arrow: Another very important thing is to keep all applications up to date (patches for Windows come out every second Tuesday of the month, update Adobe Flash Player, etc.).

If this information is not enough for you and you want to learn even more about how to defend against such junk, here are a few articles that describe prevention in more detail.
http://www.bleepingcomputer.com/tutoria ... fe-online/
machine translation into Czech: https://translate.google.com/translate? ... edit-text=
http://www.hotforsecurity.com/blog/31-s ... 10571.html
machine translation into Czech: https://translate.google.com/translate? ... edit-text=


:arrow: Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
