Dobrý den, prosím o radu, jak se zbavit vyskakujících reklamních oken a sdělení, u kterých je napsáno "Ads by name" a "Ad Options". Snad se mi podařil správně vygenerovat log, vizte pod čarou:
_____________________________________________________________
Logfile of random's system information tool 1.10 (written by random/random)
Run by Hanka at 2015-04-03 16:51:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (11%) free of 76 GB
Total RAM: 3037 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:09, on 3.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\trend micro\Hanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11117 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2c8
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\System32\spoolsv.exe
taskeng.exe {CA535789-87D4-4B02-A982-13536A53DA6C}
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\igfxtray.exe"
"taskhost.exe"
"C:\Windows\AsScrPro.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
taskeng.exe {B27E98F9-2DAC-40EC-AF3F-69EC57E5B629}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash3828.6B535F38.2664 --host-broker-channel=Flash3828.6B535F38.10199 --host-pid=3828 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=1040.0034F608.1584267108 --proxy-stub-channel=Flash3828.6B535F38.2664 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=28 --type=renderer
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2500.1b693130.264643616 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2500 "\\.\pipe\gecko-crash-server-pipe.2500" plugin
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash3812.6B535F38.10659 --host-broker-channel=Flash3812.6B535F38.3734 --host-pid=3812 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=4860.002EF718.1843407088 --proxy-stub-channel=Flash3812.6B535F38.10659 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=28 --type=renderer
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Hanka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\winter_web_notification_service.job - C:\Program Files (x86)\winter web\winter_web_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='winter web' /appid='73143' /srcid='2913' /bic='4a8dc2bcab26cf6f3b5f32cd6a8ba321' /verifier='d4f5d67faeaaf304a75512b967e7c0f8' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1427982232' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\Windows\tasks\winter_web_updating_service.job - C:\Program Files (x86)\winter web\winter_web_updating_service.exe /campid=2913 /verid=1 /url=http://cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=winter_web_updating_service /funurl=http://stats.buildomserv.com
=========Mozilla firefox=========
ProfilePath - C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@TrendMicro.com/FFExtension]
"Description"=TrendMicro Toolbar Rating Plugin
"Path"=C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\searchplugins\
google-avast.xml
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium]
C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent 1 SplashURL []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-07-15 2429]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=16
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-03 16:49:18 ----D---- C:\rsit
2015-04-03 16:49:18 ----D---- C:\Program Files\trend micro
2015-04-03 12:50:34 ----A---- C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-03 12:50:19 ----D---- C:\RegBackup
2015-04-03 11:27:27 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-03 11:26:19 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-03 11:26:19 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-03 11:26:19 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-03 11:26:18 ----D---- C:\ProgramData\Malwarebytes
2015-04-03 11:26:18 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-03 10:05:13 ----D---- C:\Users\Hanka\AppData\Roaming\IObit
2015-04-03 09:16:44 ----D---- C:\AdwCleaner
2015-04-03 08:57:24 ----A---- C:\Windows\system32\sdnclean64.exe
2015-04-03 08:57:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-04-03 08:57:08 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-02 17:42:01 ----D---- C:\ProgramData\IObit
2015-04-02 17:41:53 ----D---- C:\Program Files (x86)\IObit
2015-04-02 17:37:07 ----D---- C:\Program Files (x86)\EMCO Remote Connection Analyzer
2015-04-02 15:43:48 ----D---- C:\Program Files (x86)\winter web
2015-03-25 09:01:47 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 09:01:47 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 09:01:47 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 09:01:47 ----A---- C:\Windows\system32\acmigration.dll
2015-03-25 09:01:46 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 09:01:46 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 09:01:45 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 09:01:45 ----A---- C:\Windows\system32\aepdu.dll
2015-03-22 12:32:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-20 11:44:07 ----ASH---- C:\pagefile.sys
2015-03-11 11:56:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 11:56:08 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 11:56:08 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 11:56:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 11:56:07 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 11:56:07 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 11:56:06 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 11:56:06 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 11:56:06 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 11:56:06 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 11:55:58 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 11:55:58 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 11:55:57 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 11:55:55 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 11:55:54 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 11:55:52 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 11:55:52 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:55:51 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 11:55:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:55:50 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 11:55:47 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:55:47 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 11:55:46 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 11:55:46 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 11:55:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 11:55:44 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 11:55:43 ----A---- C:\Windows\system32\evr.dll
2015-03-11 11:55:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 11:55:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 11:55:41 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 11:55:40 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 11:55:39 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 11:55:38 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 11:55:38 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 11:55:37 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 11:55:37 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 11:55:36 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 11:55:36 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 11:55:36 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 11:55:36 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 11:55:35 ----A---- C:\Windows\system32\mf.dll
2015-03-11 11:55:34 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 11:55:30 ----A---- C:\Windows\system32\winload.exe
2015-03-11 11:55:28 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 11:55:28 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 11:55:28 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 11:55:28 ----A---- C:\Windows\system32\ci.dll
2015-03-11 11:55:28 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 11:55:28 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 11:55:27 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 11:55:27 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 11:55:27 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 11:55:27 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 11:55:27 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 11:55:26 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 11:55:26 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 11:55:26 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 11:55:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:55:26 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 11:55:25 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 11:55:25 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 11:55:25 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 11:55:25 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 11:55:23 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 11:55:23 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 11:55:23 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 11:55:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 11:55:22 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 11:55:22 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 11:55:22 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:55:21 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 11:55:21 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 11:55:21 ----A---- C:\Windows\system32\smss.exe
2015-03-11 11:55:21 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 11:55:20 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 11:55:20 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 11:55:20 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 11:55:20 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 11:55:20 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 11:55:20 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 11:55:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 11:55:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:55:15 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 11:55:14 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 11:55:14 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 11:55:13 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 11:55:13 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 11:55:13 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 11:55:12 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 11:55:10 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 11:55:09 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 11:55:03 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 11:55:03 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 11:54:18 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 11:54:18 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 11:54:15 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 11:54:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 11:54:08 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 11:54:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 11:54:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 11:54:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 11:54:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 11:54:07 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 11:54:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 11:54:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 11:54:05 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 11:54:05 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 11:54:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 11:54:05 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 11:54:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 11:54:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 11:54:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 11:54:04 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 11:54:04 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 11:54:04 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 11:54:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 11:54:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 11:54:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 11:54:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 11:54:03 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 11:54:03 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 11:54:03 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 11:54:03 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 11:54:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 11:54:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 11:54:02 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 11:54:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 11:54:01 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 11:54:01 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 11:53:55 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 11:53:54 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 11:53:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:53:52 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 11:53:49 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 11:53:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 11:53:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 11:53:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 11:53:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:53:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:53:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 11:53:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 11:53:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:53:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 11:53:45 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 11:53:45 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 11:53:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 11:53:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 11:53:44 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:53:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 11:53:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 11:53:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 11:53:41 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 11:53:41 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 11:53:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 11:53:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 11:53:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 11:53:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:53:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 11:53:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 11:53:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:53:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 11:53:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 11:53:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 11:53:38 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 11:53:37 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 11:53:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 11:53:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 11:53:35 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 11:53:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 11:53:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 11:53:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 11:53:33 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 11:53:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 11:53:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 11:53:31 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 11:53:30 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 11:53:29 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 11:53:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:53:28 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 11:53:28 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 11:53:27 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 11:53:27 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 11:53:26 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 11:53:25 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 11:53:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:53:23 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 11:52:12 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 11:52:11 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
======List of files/folders modified in the last 1 month======
2015-04-03 16:51:08 ----D---- C:\Windows\Temp
2015-04-03 16:49:26 ----D---- C:\Windows\Prefetch
2015-04-03 16:49:18 ----RD---- C:\Program Files
2015-04-03 16:48:29 ----D---- C:\Users\Hanka\AppData\Roaming\Dropbox
2015-04-03 16:46:48 ----D---- C:\Windows\system32\config
2015-04-03 16:44:00 ----D---- C:\Windows\system32\Tasks
2015-04-03 16:43:22 ----D---- C:\Windows\Minidump
2015-04-03 16:43:08 ----D---- C:\Windows
2015-04-03 16:34:24 ----D---- C:\Program Files (x86)\Opera
2015-04-03 16:32:05 ----SHD---- C:\Windows\Installer
2015-04-03 16:30:03 ----D---- C:\Windows\system32\DriverStore
2015-04-03 16:30:03 ----D---- C:\Windows\inf
2015-04-03 16:29:51 ----D---- C:\Windows\system32\catroot
2015-04-03 16:29:48 ----D---- C:\Windows\System32
2015-04-03 16:17:47 ----D---- C:\Windows\debug
2015-04-03 15:48:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-03 15:34:10 ----D---- C:\Program Files (x86)\ASUS
2015-04-03 15:34:05 ----HD---- C:\ProgramData
2015-04-03 12:10:24 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-04-03 12:08:59 ----D---- C:\Windows\system32\drivers
2015-04-03 12:08:59 ----D---- C:\Windows\ehome
2015-04-03 11:26:18 ----RD---- C:\Program Files (x86)
2015-04-03 09:30:54 ----D---- C:\Users\Hanka\AppData\Roaming\FileZilla
2015-04-03 09:25:17 ----D---- C:\Windows\SoftwareDistribution
2015-04-03 09:21:36 ----A---- C:\Windows\system32\AutoRunFilter.ini
2015-04-03 08:57:34 ----SD---- C:\ProgramData\Microsoft
2015-04-03 08:25:27 ----D---- C:\Windows\Tasks
2015-04-02 16:43:01 ----D---- C:\Windows\SysWOW64
2015-03-30 10:15:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-26 09:50:48 ----D---- C:\Windows\winsxs
2015-03-26 09:50:08 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 09:50:07 ----D---- C:\Windows\system32\wbem
2015-03-26 09:50:07 ----D---- C:\Windows\system32\appraiser
2015-03-26 09:50:06 ----D---- C:\Windows\AppPatch
2015-03-12 15:50:04 ----D---- C:\Windows\rescache
2015-03-12 11:41:35 ----SHD---- C:\Boot
2015-03-12 11:37:57 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-12 11:37:57 ----D---- C:\Program Files\Windows Media Player
2015-03-12 11:37:57 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 11:37:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-12 11:37:56 ----D---- C:\Windows\system32\Dism
2015-03-12 11:37:56 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 11:37:55 ----D---- C:\Windows\system32\en-US
2015-03-12 11:37:54 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 11:37:54 ----D---- C:\Windows\system32\Boot
2015-03-12 11:37:51 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-12 11:37:51 ----D---- C:\Program Files\Internet Explorer
2015-03-12 11:37:49 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-12 10:40:47 ----D---- C:\ProgramData\Microsoft Help
2015-03-12 10:17:32 ----D---- C:\Windows\system32\MRT
2015-03-12 10:03:39 ----A---- C:\Windows\win.ini
2015-03-11 18:48:24 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 11:50:56 ----D---- C:\Windows\system32\catroot2
2015-03-04 08:48:36 ----D---- C:\Windows\tracing
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-07-15 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-03 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 63704]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-27 148080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-12 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Adware (?) "Ads by name"
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Adware (?) "Ads by name"
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Díky.
Po realizaci pokynů z 1. odrážky se zobrazilo toto (před zprávou a za ní dělám čáru, třeba to tak bude přehlednější).
_______________________________
# AdwCleaner v4.200 - Log vytvooen 03/04/2015 v 18:29:29
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Hanka - HANKA-PC
# Spuštino z : C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
# Nastavení : Eištiní
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeee ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v37.0 (x86 cs)
-\\ Google Chrome v41.0.2272.118
-\\ Comodo Dragon v33.1.0.1
-\\ Opera v28.0.1750.48
*************************
AdwCleaner[R0].txt - [8690 bytu] - [03/04/2015 09:16:48]
AdwCleaner[R1].txt - [1252 bytu] - [03/04/2015 09:55:04]
AdwCleaner[R2].txt - [1098 bytu] - [03/04/2015 18:27:23]
AdwCleaner[S0].txt - [8388 bytu] - [03/04/2015 09:19:21]
AdwCleaner[S1].txt - [1312 bytu] - [03/04/2015 09:59:41]
AdwCleaner[S2].txt - [1024 bytu] - [03/04/2015 18:29:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1082 bytu] ##########
______________________________________
Mám Windows 7. Po realizaci pokynů z druhé odrážky se zobrazila následující zpráva.
________________________________________
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Hanka on p 03.04.2015 at 18:51:50,42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hanka\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
3.4.2015 18:53:25 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\GRETECH deleted successfully
C:\PROGRA~2\Trend Micro deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\Hanka\AppData\Local\Trend Micro deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10BA09-7A3F-41EE-8033-2820CC1EF88F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12D15C4E-5BAA-42EB-A2D3-FF2D38834334} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12DBD56C-4457-4123-B8B8-65419A1876B1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14284C77-6470-459D-8DDA-29B3747D466A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{142D4FDF-F298-42EE-85D1-6E638C59F82} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{142DED66-B287-414B-AED8-4F5A320C17C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14341786-DF07-4775-B2C9-2B846D3D81B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{157D13C7-762B-4F61-AA45-EAFC3255A822} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179E2B8E-E3F-43E7-AB26-846AD1DF4F93} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A3B4F10-3C9-4F2E-AF2A-31685BE3D257} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A652FF0-BC6E-4603-87AD-7AE68ACC982} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BF3F094-8A48-44AA-9398-F759E42D954} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D0B1E1-FC1C-4179-9E8A-8B5CC9763B9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E225BEA-164-4EEF-BAE8-B1E01E56E1BF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EB02D35-DDCE-4E1A-898C-AC60CFB7BC4F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EFBA767-FC97-4C16-BC49-DE7235768229} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FBABDED-5C74-40B4-949-F02984A5C738} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20AB8D2D-6993-43D5-BF2-641A18A8B7E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20BE5823-D6A5-442E-BE68-1C63F2CC6B22} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{217A4877-FF09-4A3D-BA9-5C3B3F855B18} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22A6AFBB-2B18-43A7-BDCE-69F1EA775471} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22EF8983-8CA-467E-9756-4B270D7482} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2379D798-A516-421B-BAED-217087F65B4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{238D1636-28B3-4E79-A825-1419B8622FBE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23C085EE-D1D-426D-8856-C1FF208FC0A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{260518F5-9250-487A-9DC7-6AAC39E31F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27746D5E-70E3-4DA6-B87A-AE721BFFDC4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27A40DB8-BE29-49E3-B7F8-B874FE3CC7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29CDD94-A70E-4801-AFEC-7A7A335A19C5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A41F763-C387-49F6-98C2-4EC4A2C4F732} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B03DA6F-6D86-4872-9022-179D291AF4A5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFD1A8D-981B-48EA-A2B2-E8A2CD5D195} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C58F765-6F79-475F-9918-FFB3C08CD27A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C59A35-49E2-4E2A-90BE-9B79E8805F90} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DA963C1-373A-4F77-917C-9892DBD6A0DE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F348087-50BD-4764-9263-50A8FB88767A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F5F2635-8497-4557-9CAC-E9C162DE63AA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F8C974F-7B1D-4353-B4D2-A404EE9E49} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FA44EED-AAD2-47D4-9342-FB4FD449CB0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3011F198-AF93-4412-8A84-225A8531AF40} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31EA906D-B53C-4522-AC47-29AAB921BBD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32455E7-35B6-4D0B-AC26-6C4128BA1BB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33A5C682-75FE-47A1-B9A6-2A4DAC556CF5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{347A7305-AFB5-4CA8-B263-91F9BC785349} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36CD775-DEF8-494C-9B68-BE99D1B2FE5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36F7FFB8-2A8B-45AB-865E-713765E86AD9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38FA402-8B14-49CB-B955-16CB29E09D3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39B3C275-7949-40A1-B9AA-57F8740D2DB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A734346-6C69-4119-81E0-46DBBC6D85D0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD77050-1F44-485A-B773-82DE990390} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CCC5AD1-887-431E-9BF6-17BBF92EB9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0B7FB7-A274-4A15-8C3C-1CFAC85C637} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DF4EF58-48FA-409F-B5EB-C77A5FAA293C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E61172-EE3F-4B3E-91CF-3CA4AA434124} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E9BC191-DA86-4BD3-89C8-EF5A81EA0C1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{406772A7-8870-4F09-A83D-4E72AD31286} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40D9BF7-FB17-4FAF-A72B-78F9A1C6A687} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{413E034-66ED-4310-A4D5-4AC0ADC54B0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41CA62-F78D-492A-83FE-A134D457ACF8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4219DD08-95B2-4361-99F8-479B4CF94EE3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42761EDE-3A9B-40E1-8ABA-9476983558B6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4321BE0D-7793-4DAD-98BB-DF882A44C412} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43758F94-76E-4A0D-A670-23FAD94E8ADB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44383BDF-EAC3-48D5-BA1-11E8E3DC56C7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E286C-12AC-4774-B597-CFA6BDDE04} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{455ECE8D-FDA9-45E6-BDCA-EF551823707} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{458B60D4-121B-4D33-8B8E-6628F7CAFB8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46A80956-2AC9-4555-BB5B-1B7EE562AD44} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A51EF3-AB2E-4458-88C-18C30102D56} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A70EA80-322C-4D65-94F0-D7D4EA50E2BD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B8872B-2F74-4AC8-9B20-FC66B91A44E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BB04F76-3DA2-45D9-9520-4ADE82CCC2C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BF9DA8-BD3C-4B40-962A-B4C159C7D21F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CFD8B1F-9909-42DE-A5A6-A3E6BEBE6B1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D0F1182-BDF6-483A-BAC3-22DFD83D477D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E457922-E67C-4403-ACF6-22788AB70F3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EB75BC8-CB37-4817-A47A-8D1427416111} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F8A7AAD-A63A-46DA-8E5E-15D623D1792} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FC1CC9D-79A3-42F0-87AB-B5D15AEC5D57} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5071EBEF-5199-4F16-A1F4-A46EBF456CFD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{510DBEFE-B9B6-4463-9928-35ADADFA1CAB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{511057E5-C988-4F1C-B7B6-FF18B4DE669F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5126A118-38BB-4CDF-B970-C0A5C576B579} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5149FB2E-E1C7-4CB8-8E16-A6A65D878057} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{517F75E3-2D2-4038-9783-D702EA16E9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51D9CD8E-5639-46C6-9E88-67DA7C8D313} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5215F338-D387-40BE-9B72-A8887106074} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52DC5931-42EB-4E90-9278-D7AFBCC48F68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{536BA714-EED8-4FA0-AC0-FD8AA52C7C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{545F7F51-E9A4-4B01-B7C6-E1459695D39A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54BB5D0-170C-4E90-BE21-4B6D9F2DE972} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57931746-B6FE-4151-8A15-FC9BA5EE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{585DFBED-A5FC-435F-ABA2-B7E1EC80AEC2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58C911F6-594-47B7-A127-FBB928FDA52} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58E1B4BD-6943-41A4-ADD2-D79D49FAE11} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{591728EC-491B-455E-B0C8-BD1941FFFFC0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A39FCE4-B382-4176-8F6B-53F943DEF98} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1462EA-6D35-4009-B4D7-91D14B4026A1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B3BE7D7-CBFD-4AEB-8CEA-B1A2B26ED7F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D8ED867-1B97-4EED-A054-6DFA7EA549CB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E796224-2393-467F-B6D3-A177AAD4B391} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{600B1C4F-8D92-4EE8-B37-AB1EFA450C2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{604C624E-DC36-4776-B179-46DF42317EFE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60E4CE76-3BE0-437D-90C5-255724DA40E1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6181016A-DBD0-4BF2-8C21-299B45108758} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61997BE6-FB73-4424-AF45-6176CB39DED7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6369A637-233E-4413-A348-EE22A05126AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{645FA7A5-54A9-4CF9-BDF6-81409A67AE28} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64E9631D-FEFD-48EA-A9CC-36B8D6A71C7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{654B7936-2966-414E-91F1-F92F738B8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65C049EC-B041-4B0E-A467-30BE1B62D03F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660EA19-F703-4AE3-98A2-6D4C7BE25618} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66F695C6-E7-4B11-B074-3559A3961B69} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{678BD569-D39-4E41-824-318C253C352} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68E79584-6F04-49A5-96A1-EF914BF88353} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{697E4668-7489-4023-93D2-B7F89E65C935} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A7A6B0D-8FF2-495E-8E2E-BE3B661A8BAD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D3E8C2D-E0EE-4CCF-922A-A8963EBA1B3D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D598BF0-90D9-4E48-8D86-635C91129FA2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E27DD5B-D1A2-4319-B112-CBD25EAEE4C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F217FD0-3553-4133-B26D-24745E2C40CE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F363382-783-4AC7-A01D-491D474403A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F3C7849-4E22-463F-8A88-32426E20C23D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70809CBD-75FD-4A1F-A3AB-10F15E0BF5D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{720E3289-617D-458C-9EAD-47EF40CA7A31} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72174935-CFAA-42DB-9B5C-5F70E07D58B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{726E40A3-F6F1-4333-8DFF-3E9881A4B6E8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{728FD426-7C18-4520-91F9-14F7D886E52F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73EE0D06-B0EE-46BB-9758-FBB42E23A0A7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75131DDA-D9B8-4EFB-B050-C5F8CD501085} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76F405A8-A3E9-4999-81E3-8BCAE29A3B22} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{778EDA56-B55B-4114-B3E5-B1614774CEFE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77C76339-BA3A-4F9B-8560-91E7FA979D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{784FA5BF-6AA9-4C0E-BEA1-5F6B90759589} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7902C8C3-54D8-4345-B6BE-B5792A16AC3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B78694F-F633-4959-BE53-B14746094C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C35A7EE-CA36-43E7-A26B-5BE13BFF9AF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DB49ED7-E5C5-4688-9361-B4EE2982807A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E188AD2-B30A-4245-AE18-6F66577EFB7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E4CFA9F-FDD8-4736-B428-6C4773CAF12D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F18BA36-A097-4511-9CFA-B7C2875A8C71} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F4C5404-B90B-4983-8AAF-C9AC216A8CED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F8E4125-DDE0-499C-A52D-645C6D8F8F48} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{804E97D4-CA2F-4EF3-9176-282187F48637} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80620005-C585-45A8-931B-EFF848E6FE24} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80F5C44B-9B4C-4416-A5B3-C5B4D3672D9F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{810E3398-4C51-4F17-842D-3A98BACA64} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819BD041-EE77-458E-BB17-F3EA2B83B67B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81ADA741-31C1-4341-A249-6DE3505292A2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82E2DBC0-1B61-4851-9035-69D2488F5F5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DE4BA9-6B26-4EBB-836B-A65791826A5B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8468F4A5-FEF8-4BFF-A369-5F6894D759D6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88468B4-8D6F-4EA6-A582-2C25113A3A6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{891664A5-7228-4081-B15B-E1EE3161DEA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B240509-7235-4264-83BC-70D7826FB6E8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B79E5C8-EF29-4844-9164-F2A82EB824A0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CAB4B01-E28E-4CD1-97FA-D3DA473DF455} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D431B4C-8DC3-4C94-8DC-ED48E75CDDD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D9B3D01-D848-4264-85EB-94174F1A4119} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E00661A-D870-4DC2-BE4A-5FC2BF1424D1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E2B27D3-B8F1-4251-90A0-8B3A8423AE9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E69487F-FE12-4DAF-B743-7E2B5CDD1B3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F11FD57-ACE0-4853-B376-D2185BFAC049} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F25930A-D3B7-47AC-A29D-F2AB62AF6772} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F97CDEE-2B30-440F-B21D-2C1C2F2AE8E1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90B97C31-160E-495E-9F29-C696C627CACB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{912C9783-A50A-48C8-91DE-94E33C4562F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92343052-EC0F-416B-9F87-E07B97AB4C51} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9236A6FB-6962-40A9-9C6F-AA893924355F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92BDAAAF-3C99-4705-97AE-5F1FE64835B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9344726C-FA93-4D8B-B61-1C35CEEB138B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{937D5700-9F02-4C3A-8D32-EF511D88DD77} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{954C67BE-6AFA-4AFB-8355-25CC45C2F1CF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95B19C4B-E4B6-4D24-BC48-B1B63ECE318} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{963AAAF8-6462-4DB7-B08C-1A89DBFD6DD8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96D3D410-C7F1-4FD9-8576-B9B067EF42FC} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A0B7C5-2194-42EA-9297-36F4D5B9CD2F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99EA04F9-6092-4079-BAB2-CCF3C6E49E20} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AECC83-54B-45DE-88C7-8567DA4C677} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C44F5E8-782C-4B2A-B06C-BF843B97BB19} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CC4C22B-5ACA-4FA4-8960-176C50586269} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CFEBEBC-8360-4E8D-9345-DFCEFE1779C5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E6D2B15-E23F-4765-902C-E0571BBEC0A0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F6AA3F0-8184-4232-9560-8ED1CAAAEA9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A10A763B-6F2F-46E2-814-18DC9B7D63EA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A195EDD8-FEEA-4167-BCC6-FFEA788268ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A198D996-BBEE-4116-AB8D-FF8465744059} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A304536C-A5AF-48BB-AD52-B078AD94E5F1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A42A76A6-7D62-400F-AA81-95D66E8FD8AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5800A4-BE6D-4D42-9A23-B84ECEC637A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AB46FB-31DB-49A4-A6DA-9D45A8AE31EF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7625297-D35F-4D7E-B035-70774DE1E64C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A845D0D2-DD1B-4BC7-A656-D787D4B412EF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A85779F0-76F9-497B-9F22-44BCA9DD4F38} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8B55214-E000-418E-9A90-8C59D556EF5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A901B24F-3C9-4DCC-8925-F36FAA329B67} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA41CC5-BA3A-4F08-AE55-B434032AC3E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAF96081-E80F-4F97-B873-E5A2A26057FA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB94D949-1BE9-4E4B-87A4-8A695C29FCC0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC2E70F7-2FAA-4120-A990-A05613219183} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD5B74E-DADE-4590-87FD-5278E12A37F2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF8DF20B-CBFA-446F-8A24-4BF7C647632} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDCF78A-6BE4-4259-995F-BB33274A1C5B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B09E5FDF-ED1D-462E-B33C-23C7FD81625C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0A6C089-1E12-46B0-A4C4-89F57402EE4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0DC01E6-7882-4F6D-8613-AF3E2F1BFEB7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3CFDD16-B3E4-4F9F-B916-BB76E6519EB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4466354-3CF5-4783-B547-A84AB0881D39} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4D49A11-C78D-4251-886B-5DBB9BBC3DF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B51AAAE0-1162-4EBE-B5D5-EF3491D6BEE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B536E381-68CE-407A-975C-FA818F7D7FB2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B549BC13-D651-46C2-8A2F-3F81FA7266A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9B8BB41-C7DD-4FDE-B844-C23A6A8F35ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9FE6C49-41BE-469F-A69D-5D9A1B9556B9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA0C9C23-4708-4425-93BD-5EC9A35CEFF0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB388E6D-4845-46F1-A341-4C81753421A3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC2B6024-977E-4D86-B3CD-648737B9BD1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC816102-AB51-4ED3-968D-74D777BEED68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2A9707B-DEED-4B4F-9C5C-CB8BF2EC2266} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3CF4433-F49F-4D82-8729-465F257FA5F0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4CD86C7-E800-4A2A-AD17-63732C3E16B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5CF4284-6419-4A9F-AA1B-EDC52B4013EA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6D627-A1DE-4924-8896-F4FEA7A622CF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6EADA67-918F-4EE7-9B30-E99BD57A9B8B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C83096C9-29CB-415E-9926-A48471D36282} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C96145B3-9AEE-4E55-833-EBA9944098A8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9A74A5A-65C4-4BF9-AD69-9784DAC9F98B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA7F4F17-AD14-4D03-AB32-1C9FC93DDC4A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE18760-71F0-4F35-AC68-265783EBCC80} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC188541-CCDF-435A-9F96-21813BEA3571} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8A8D98-E355-4AE8-ACCD-30C4578A8D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDDF8338-180-403B-AB31-B55BAAAE51F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE753CE0-41EF-4729-A878-AADC132FDB21} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE82BA69-2880-4B95-B1C2-7FD9D7A2563} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEC092C5-E491-4586-AE42-471D70E712FE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF05474B-C3-48EC-A7BB-74515C383570} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFB462C2-25B3-4F05-817-9FBC5C4854C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFBFA641-2FD1-4249-9DCF-CE8721651C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D040C6AC-DC3D-473C-8F46-537DC0BB7116} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D11B8E6B-D498-4CED-8AD3-A99CAA575415} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1AB6055-7F6B-4F15-9CB1-A26BF891B7D1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1ED0552-8E14-41F3-86D7-FDEEF1CF4C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1EFEAC3-9635-449D-B533-59F27732EA1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3C8A746-8A1-481A-BCD7-C644BAB98D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D432E6B7-D6BC-4194-8479-89A1BA51526} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4843577-1AA7-44C2-A748-D658A6625786} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D568769C-FE6F-43CB-8B6-14EB53C0B0BE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5E01A-8820-4922-95E5-8D84ABB65B8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6AE4DDF-DA80-491C-88E9-44D655F3BB62} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6F2B1C8-7984-42EB-A15C-B4FCA09F848} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D81B980F-1A03-4C2F-A99E-8B1ED5C5F2B5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8C66D79-33C4-4337-AAA6-6DC5EAA16E6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D98EBD33-FDA4-4755-83F4-261B494787BF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9B30371-535E-4098-A9ED-40D3D2267B7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9CD74E1-7916-4812-96CD-E2B5592055F3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA067F1F-322C-4B0F-BA86-19E570EE1CC7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA556AAF-E98D-40EF-B19-C28033892D9F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA980476-798E-48BF-8C9F-1BC8CF9912F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB07FEF1-4BB1-459C-80BE-AD8C486C26AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB59EB0A-3BCE-4B28-8B34-DDE66BEFA956} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD38A158-FA1D-43CB-A9FC-2CBC56CCED9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEB58E41-56A7-4809-AA1F-977BA8FF53} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF5B196C-B56E-408D-A75C-98B195A08271} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFCA964-A5AF-415D-A35F-3A4C239E48E2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E038D4D9-66BF-4B45-A89-592FBDB9982D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0B54135-B781-4C18-9033-F7168C1D97F2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E193694-6EB7-4139-841E-D273AECDD26E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E214CDF5-FB3B-47D5-9467-B1EF0B015D3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3F17410-9A1A-465C-8878-E9559E8965} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4470EE4-5B54-42B3-B625-C94C64D270} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E45CF8D4-6DA4-49AA-9EAA-D1A4D64AC33C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E50F6761-1752-4F76-BD38-2C4199C45CF1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5AD4AE9-A809-4317-B88B-B012E7DD3C8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5C6152E-8420-4725-8838-3A42BD4966ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E612216A-5A87-4D3F-BBA9-12E5C62BB195} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6F80585-C2DC-4D1F-BF8F-15CD384B433D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6FAE083-4CB9-43EC-8829-DABE5C574012} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E750626D-11F8-48D7-A2AA-AD83A38FC0C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E758C155-753D-4123-98BE-1B4471E9FCA2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E770FF17-23D3-43EF-A179-19FAD86C3D9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7E72FB0-56F6-4E08-8229-16AC27F81FD0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E80B36DE-7243-4163-8291-7C1D48A3BF68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E924936B-2632-4BBD-A73C-98E167BAD9BB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E961690-B9F9-4CB1-A7DF-CAAD4DF332F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA1968C7-16D9-4641-A4BD-2446BBB3DD67} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECEDEA20-3D7D-4EEC-9E76-FE4ED876D81D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDB43F53-85AB-421F-A01D-59F5FC2EE78C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDF48402-B509-4B90-9DAC-81C553C2143} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF833E34-3C8D-4C24-9E70-373E21E3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0FCB0B7-19CD-4D05-9FAA-CC4F58E9136F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1019F7E-D80D-4069-9415-14F64F56259F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F18312FA-A6C0-404D-A8A4-28468C58F36F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A6D908-CC5B-4B92-B3D6-92AD43CAC6B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1C8A72-9F1D-4554-8249-BA4F93736B51} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F32C6F3C-E50F-4DDD-8543-16F4711CD7B2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F530B602-6D99-409B-85DC-94F0327CA75} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5C7B819-7A4B-4020-BA88-C5E35493ADD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5EAA288-16FA-4D45-A397-FFC98EED4374} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F67A94B7-9FB5-462F-9E7F-DBC96A828B6B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F935F427-6D2A-46E8-85AD-99EAB73F52A2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAA48004-EE76-4FC0-A726-1EAC3ABF41D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAABB091-85E6-4395-AEAB-EB4EAF815A3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAE5CECB-8A6B-4D7F-9531-7F5F168F9123} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAE642D6-7E72-4B05-9BAD-46F0E2685E7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC2156D4-385E-46F1-94C-E87B89331710} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD09BF94-A625-4BBD-91D1-6CB01CF6397C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD0BAB8B-D30E-4317-954A-5C7D3A6B71} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD401697-BFC7-43EE-B3C9-15EC7E4EF3E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDD2D55D-DB7A-45D4-B818-9B9F314CA09} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE31981C-F30-4691-A0E1-55C9F17CB8B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE6F1223-C747-4835-9A9D-24AB74F3CB86} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF962D3B-C27E-4DEB-9B75-2CDD54FABC6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");
Added to C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default\prefs.js:
Added to C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
user.js not found
---- Lines a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 removed from prefs.js ----
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754ca
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754ca
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.active", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbar", "NA");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbarenhanced", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.backgroundver", 1);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.certdomaininstaller", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.value", "1403158206");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.expiration", "Thu Jul 17 2014 11:04:13
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.value", "%22%5C%22CZ%5C%22%22");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.description", "Browser enhancer");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.domain", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.enablesearch", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.homepage", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.changeprevious", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.iframe", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationTime", 1403158206);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.value", "212");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastDailyReport", "1404362494439");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastUpdate", "1404362496273");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.manifesturl", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.newtab", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.opensearch", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsurl", "http://js.democlientnet.com/plugin
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsversion", 175);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.publisher", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.searchstatus", 0);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.setnewtab", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.thankyou", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.updateinterval", 360);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.ver", 212);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.apps", "32850");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.bic", "1462c7d5db09cd9c6f31b0201672cd2a");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.cid", 32850);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.firstrun", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.hadappinstalled", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.installationdate", 1403158201);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.modetype", "production");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.reportInstall", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.statsDailyCounter", 33);
---- FireFox user.js and prefs.js backups ----
prefs_03.04.2015_1951_.backup
ProfilePath: C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_03.04.2015_1951_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\GRETECH not found
C:\PROGRA~2\Trend Micro not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\PROGRA~3\spds90.txt deleted
C:\Users\Hanka\AppData\Local\Installer deleted
C:\Users\Hanka\AppData\Local\CrashRpt deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3423487706-4037741734-473863387-1000 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\sho620E.tmp deleted
"C:\Users\Hanka\AppData\Roaming\amWlT5dmrkdu0M47j0op0KJ" deleted
"C:\Users\Hanka\AppData\Roaming\d98MqQq" deleted
"C:\Users\Hanka\AppData\Roaming\Nr1KXGMddsA" deleted
"C:\Users\Hanka\AppData\Roaming\xxhPtLc0lm3O3yUTdsRUL" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30.01.2015 10:47]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26.11.2014 22:43]
Comodo Media Downloader - Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Avast Online Security - Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Startpages ======================
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/ig/redirectdomain ... &bmod=ASUT",
"startup_urls": [ "http://www.google.com/ig/redirectdomain ... &bmod=ASUT" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"
==== Reset Google Chrome ======================
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Hanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Hanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Hanka\AppData\Local\Mozilla\Firefox\Profiles\siq3wtzz.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Hanka\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=18 folders=10 1767469 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Hanka\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Hanka\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 03.04.2015 at 20:22:29,17 ======================
Po realizaci pokynů z 1. odrážky se zobrazilo toto (před zprávou a za ní dělám čáru, třeba to tak bude přehlednější)._______________________________
# AdwCleaner v4.200 - Log vytvooen 03/04/2015 v 18:29:29
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Hanka - HANKA-PC
# Spuštino z : C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
# Nastavení : Eištiní
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeee ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v37.0 (x86 cs)
-\\ Google Chrome v41.0.2272.118
-\\ Comodo Dragon v33.1.0.1
-\\ Opera v28.0.1750.48
*************************
AdwCleaner[R0].txt - [8690 bytu] - [03/04/2015 09:16:48]
AdwCleaner[R1].txt - [1252 bytu] - [03/04/2015 09:55:04]
AdwCleaner[R2].txt - [1098 bytu] - [03/04/2015 18:27:23]
AdwCleaner[S0].txt - [8388 bytu] - [03/04/2015 09:19:21]
AdwCleaner[S1].txt - [1312 bytu] - [03/04/2015 09:59:41]
AdwCleaner[S2].txt - [1024 bytu] - [03/04/2015 18:29:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1082 bytu] ##########
______________________________________
Mám Windows 7. Po realizaci pokynů z druhé odrážky se zobrazila následující zpráva.________________________________________
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Hanka on p 03.04.2015 at 18:51:50,42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hanka\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
3.4.2015 18:53:25 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\GRETECH deleted successfully
C:\PROGRA~2\Trend Micro deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\Hanka\AppData\Local\Trend Micro deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10BA09-7A3F-41EE-8033-2820CC1EF88F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12D15C4E-5BAA-42EB-A2D3-FF2D38834334} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12DBD56C-4457-4123-B8B8-65419A1876B1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14284C77-6470-459D-8DDA-29B3747D466A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{142D4FDF-F298-42EE-85D1-6E638C59F82} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{142DED66-B287-414B-AED8-4F5A320C17C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14341786-DF07-4775-B2C9-2B846D3D81B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{157D13C7-762B-4F61-AA45-EAFC3255A822} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179E2B8E-E3F-43E7-AB26-846AD1DF4F93} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A3B4F10-3C9-4F2E-AF2A-31685BE3D257} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A652FF0-BC6E-4603-87AD-7AE68ACC982} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BF3F094-8A48-44AA-9398-F759E42D954} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D0B1E1-FC1C-4179-9E8A-8B5CC9763B9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E225BEA-164-4EEF-BAE8-B1E01E56E1BF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EB02D35-DDCE-4E1A-898C-AC60CFB7BC4F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EFBA767-FC97-4C16-BC49-DE7235768229} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FBABDED-5C74-40B4-949-F02984A5C738} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20AB8D2D-6993-43D5-BF2-641A18A8B7E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20BE5823-D6A5-442E-BE68-1C63F2CC6B22} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{217A4877-FF09-4A3D-BA9-5C3B3F855B18} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22A6AFBB-2B18-43A7-BDCE-69F1EA775471} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22EF8983-8CA-467E-9756-4B270D7482} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2379D798-A516-421B-BAED-217087F65B4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{238D1636-28B3-4E79-A825-1419B8622FBE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23C085EE-D1D-426D-8856-C1FF208FC0A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{260518F5-9250-487A-9DC7-6AAC39E31F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27746D5E-70E3-4DA6-B87A-AE721BFFDC4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27A40DB8-BE29-49E3-B7F8-B874FE3CC7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29CDD94-A70E-4801-AFEC-7A7A335A19C5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A41F763-C387-49F6-98C2-4EC4A2C4F732} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B03DA6F-6D86-4872-9022-179D291AF4A5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFD1A8D-981B-48EA-A2B2-E8A2CD5D195} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C58F765-6F79-475F-9918-FFB3C08CD27A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C59A35-49E2-4E2A-90BE-9B79E8805F90} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DA963C1-373A-4F77-917C-9892DBD6A0DE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F348087-50BD-4764-9263-50A8FB88767A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F5F2635-8497-4557-9CAC-E9C162DE63AA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F8C974F-7B1D-4353-B4D2-A404EE9E49} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FA44EED-AAD2-47D4-9342-FB4FD449CB0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3011F198-AF93-4412-8A84-225A8531AF40} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31EA906D-B53C-4522-AC47-29AAB921BBD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32455E7-35B6-4D0B-AC26-6C4128BA1BB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33A5C682-75FE-47A1-B9A6-2A4DAC556CF5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{347A7305-AFB5-4CA8-B263-91F9BC785349} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36CD775-DEF8-494C-9B68-BE99D1B2FE5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36F7FFB8-2A8B-45AB-865E-713765E86AD9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38FA402-8B14-49CB-B955-16CB29E09D3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39B3C275-7949-40A1-B9AA-57F8740D2DB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A734346-6C69-4119-81E0-46DBBC6D85D0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD77050-1F44-485A-B773-82DE990390} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CCC5AD1-887-431E-9BF6-17BBF92EB9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0B7FB7-A274-4A15-8C3C-1CFAC85C637} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DF4EF58-48FA-409F-B5EB-C77A5FAA293C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E61172-EE3F-4B3E-91CF-3CA4AA434124} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E9BC191-DA86-4BD3-89C8-EF5A81EA0C1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{406772A7-8870-4F09-A83D-4E72AD31286} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40D9BF7-FB17-4FAF-A72B-78F9A1C6A687} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{413E034-66ED-4310-A4D5-4AC0ADC54B0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41CA62-F78D-492A-83FE-A134D457ACF8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4219DD08-95B2-4361-99F8-479B4CF94EE3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42761EDE-3A9B-40E1-8ABA-9476983558B6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4321BE0D-7793-4DAD-98BB-DF882A44C412} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43758F94-76E-4A0D-A670-23FAD94E8ADB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44383BDF-EAC3-48D5-BA1-11E8E3DC56C7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E286C-12AC-4774-B597-CFA6BDDE04} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{455ECE8D-FDA9-45E6-BDCA-EF551823707} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{458B60D4-121B-4D33-8B8E-6628F7CAFB8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46A80956-2AC9-4555-BB5B-1B7EE562AD44} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A51EF3-AB2E-4458-88C-18C30102D56} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A70EA80-322C-4D65-94F0-D7D4EA50E2BD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B8872B-2F74-4AC8-9B20-FC66B91A44E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BB04F76-3DA2-45D9-9520-4ADE82CCC2C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BF9DA8-BD3C-4B40-962A-B4C159C7D21F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CFD8B1F-9909-42DE-A5A6-A3E6BEBE6B1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D0F1182-BDF6-483A-BAC3-22DFD83D477D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E457922-E67C-4403-ACF6-22788AB70F3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EB75BC8-CB37-4817-A47A-8D1427416111} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F8A7AAD-A63A-46DA-8E5E-15D623D1792} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FC1CC9D-79A3-42F0-87AB-B5D15AEC5D57} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5071EBEF-5199-4F16-A1F4-A46EBF456CFD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{510DBEFE-B9B6-4463-9928-35ADADFA1CAB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{511057E5-C988-4F1C-B7B6-FF18B4DE669F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5126A118-38BB-4CDF-B970-C0A5C576B579} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5149FB2E-E1C7-4CB8-8E16-A6A65D878057} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{517F75E3-2D2-4038-9783-D702EA16E9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51D9CD8E-5639-46C6-9E88-67DA7C8D313} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5215F338-D387-40BE-9B72-A8887106074} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52DC5931-42EB-4E90-9278-D7AFBCC48F68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{536BA714-EED8-4FA0-AC0-FD8AA52C7C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{545F7F51-E9A4-4B01-B7C6-E1459695D39A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54BB5D0-170C-4E90-BE21-4B6D9F2DE972} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57931746-B6FE-4151-8A15-FC9BA5EE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{585DFBED-A5FC-435F-ABA2-B7E1EC80AEC2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58C911F6-594-47B7-A127-FBB928FDA52} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58E1B4BD-6943-41A4-ADD2-D79D49FAE11} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{591728EC-491B-455E-B0C8-BD1941FFFFC0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A39FCE4-B382-4176-8F6B-53F943DEF98} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1462EA-6D35-4009-B4D7-91D14B4026A1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B3BE7D7-CBFD-4AEB-8CEA-B1A2B26ED7F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D8ED867-1B97-4EED-A054-6DFA7EA549CB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E796224-2393-467F-B6D3-A177AAD4B391} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{600B1C4F-8D92-4EE8-B37-AB1EFA450C2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{604C624E-DC36-4776-B179-46DF42317EFE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60E4CE76-3BE0-437D-90C5-255724DA40E1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6181016A-DBD0-4BF2-8C21-299B45108758} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61997BE6-FB73-4424-AF45-6176CB39DED7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6369A637-233E-4413-A348-EE22A05126AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{645FA7A5-54A9-4CF9-BDF6-81409A67AE28} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64E9631D-FEFD-48EA-A9CC-36B8D6A71C7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{654B7936-2966-414E-91F1-F92F738B8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65C049EC-B041-4B0E-A467-30BE1B62D03F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660EA19-F703-4AE3-98A2-6D4C7BE25618} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66F695C6-E7-4B11-B074-3559A3961B69} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{678BD569-D39-4E41-824-318C253C352} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68E79584-6F04-49A5-96A1-EF914BF88353} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{697E4668-7489-4023-93D2-B7F89E65C935} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A7A6B0D-8FF2-495E-8E2E-BE3B661A8BAD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D3E8C2D-E0EE-4CCF-922A-A8963EBA1B3D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D598BF0-90D9-4E48-8D86-635C91129FA2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E27DD5B-D1A2-4319-B112-CBD25EAEE4C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F217FD0-3553-4133-B26D-24745E2C40CE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F363382-783-4AC7-A01D-491D474403A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F3C7849-4E22-463F-8A88-32426E20C23D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70809CBD-75FD-4A1F-A3AB-10F15E0BF5D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{720E3289-617D-458C-9EAD-47EF40CA7A31} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72174935-CFAA-42DB-9B5C-5F70E07D58B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{726E40A3-F6F1-4333-8DFF-3E9881A4B6E8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{728FD426-7C18-4520-91F9-14F7D886E52F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73EE0D06-B0EE-46BB-9758-FBB42E23A0A7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75131DDA-D9B8-4EFB-B050-C5F8CD501085} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76F405A8-A3E9-4999-81E3-8BCAE29A3B22} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{778EDA56-B55B-4114-B3E5-B1614774CEFE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77C76339-BA3A-4F9B-8560-91E7FA979D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{784FA5BF-6AA9-4C0E-BEA1-5F6B90759589} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7902C8C3-54D8-4345-B6BE-B5792A16AC3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B78694F-F633-4959-BE53-B14746094C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C35A7EE-CA36-43E7-A26B-5BE13BFF9AF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DB49ED7-E5C5-4688-9361-B4EE2982807A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E188AD2-B30A-4245-AE18-6F66577EFB7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E4CFA9F-FDD8-4736-B428-6C4773CAF12D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F18BA36-A097-4511-9CFA-B7C2875A8C71} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F4C5404-B90B-4983-8AAF-C9AC216A8CED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F8E4125-DDE0-499C-A52D-645C6D8F8F48} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{804E97D4-CA2F-4EF3-9176-282187F48637} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80620005-C585-45A8-931B-EFF848E6FE24} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80F5C44B-9B4C-4416-A5B3-C5B4D3672D9F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{810E3398-4C51-4F17-842D-3A98BACA64} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819BD041-EE77-458E-BB17-F3EA2B83B67B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81ADA741-31C1-4341-A249-6DE3505292A2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82E2DBC0-1B61-4851-9035-69D2488F5F5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DE4BA9-6B26-4EBB-836B-A65791826A5B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8468F4A5-FEF8-4BFF-A369-5F6894D759D6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88468B4-8D6F-4EA6-A582-2C25113A3A6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{891664A5-7228-4081-B15B-E1EE3161DEA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B240509-7235-4264-83BC-70D7826FB6E8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B79E5C8-EF29-4844-9164-F2A82EB824A0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CAB4B01-E28E-4CD1-97FA-D3DA473DF455} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D431B4C-8DC3-4C94-8DC-ED48E75CDDD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D9B3D01-D848-4264-85EB-94174F1A4119} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E00661A-D870-4DC2-BE4A-5FC2BF1424D1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E2B27D3-B8F1-4251-90A0-8B3A8423AE9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E69487F-FE12-4DAF-B743-7E2B5CDD1B3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F11FD57-ACE0-4853-B376-D2185BFAC049} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F25930A-D3B7-47AC-A29D-F2AB62AF6772} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F97CDEE-2B30-440F-B21D-2C1C2F2AE8E1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90B97C31-160E-495E-9F29-C696C627CACB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{912C9783-A50A-48C8-91DE-94E33C4562F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92343052-EC0F-416B-9F87-E07B97AB4C51} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9236A6FB-6962-40A9-9C6F-AA893924355F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92BDAAAF-3C99-4705-97AE-5F1FE64835B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9344726C-FA93-4D8B-B61-1C35CEEB138B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{937D5700-9F02-4C3A-8D32-EF511D88DD77} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{954C67BE-6AFA-4AFB-8355-25CC45C2F1CF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95B19C4B-E4B6-4D24-BC48-B1B63ECE318} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{963AAAF8-6462-4DB7-B08C-1A89DBFD6DD8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96D3D410-C7F1-4FD9-8576-B9B067EF42FC} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A0B7C5-2194-42EA-9297-36F4D5B9CD2F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99EA04F9-6092-4079-BAB2-CCF3C6E49E20} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AECC83-54B-45DE-88C7-8567DA4C677} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C44F5E8-782C-4B2A-B06C-BF843B97BB19} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CC4C22B-5ACA-4FA4-8960-176C50586269} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CFEBEBC-8360-4E8D-9345-DFCEFE1779C5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E6D2B15-E23F-4765-902C-E0571BBEC0A0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F6AA3F0-8184-4232-9560-8ED1CAAAEA9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A10A763B-6F2F-46E2-814-18DC9B7D63EA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A195EDD8-FEEA-4167-BCC6-FFEA788268ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A198D996-BBEE-4116-AB8D-FF8465744059} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A304536C-A5AF-48BB-AD52-B078AD94E5F1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A42A76A6-7D62-400F-AA81-95D66E8FD8AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5800A4-BE6D-4D42-9A23-B84ECEC637A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AB46FB-31DB-49A4-A6DA-9D45A8AE31EF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7625297-D35F-4D7E-B035-70774DE1E64C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A845D0D2-DD1B-4BC7-A656-D787D4B412EF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A85779F0-76F9-497B-9F22-44BCA9DD4F38} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8B55214-E000-418E-9A90-8C59D556EF5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A901B24F-3C9-4DCC-8925-F36FAA329B67} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA41CC5-BA3A-4F08-AE55-B434032AC3E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAF96081-E80F-4F97-B873-E5A2A26057FA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB94D949-1BE9-4E4B-87A4-8A695C29FCC0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC2E70F7-2FAA-4120-A990-A05613219183} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD5B74E-DADE-4590-87FD-5278E12A37F2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF8DF20B-CBFA-446F-8A24-4BF7C647632} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDCF78A-6BE4-4259-995F-BB33274A1C5B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B09E5FDF-ED1D-462E-B33C-23C7FD81625C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0A6C089-1E12-46B0-A4C4-89F57402EE4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0DC01E6-7882-4F6D-8613-AF3E2F1BFEB7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3CFDD16-B3E4-4F9F-B916-BB76E6519EB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4466354-3CF5-4783-B547-A84AB0881D39} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4D49A11-C78D-4251-886B-5DBB9BBC3DF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B51AAAE0-1162-4EBE-B5D5-EF3491D6BEE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B536E381-68CE-407A-975C-FA818F7D7FB2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B549BC13-D651-46C2-8A2F-3F81FA7266A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9B8BB41-C7DD-4FDE-B844-C23A6A8F35ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9FE6C49-41BE-469F-A69D-5D9A1B9556B9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA0C9C23-4708-4425-93BD-5EC9A35CEFF0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB388E6D-4845-46F1-A341-4C81753421A3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC2B6024-977E-4D86-B3CD-648737B9BD1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC816102-AB51-4ED3-968D-74D777BEED68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2A9707B-DEED-4B4F-9C5C-CB8BF2EC2266} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3CF4433-F49F-4D82-8729-465F257FA5F0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4CD86C7-E800-4A2A-AD17-63732C3E16B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5CF4284-6419-4A9F-AA1B-EDC52B4013EA} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6D627-A1DE-4924-8896-F4FEA7A622CF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6EADA67-918F-4EE7-9B30-E99BD57A9B8B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C83096C9-29CB-415E-9926-A48471D36282} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C96145B3-9AEE-4E55-833-EBA9944098A8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9A74A5A-65C4-4BF9-AD69-9784DAC9F98B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA7F4F17-AD14-4D03-AB32-1C9FC93DDC4A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE18760-71F0-4F35-AC68-265783EBCC80} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC188541-CCDF-435A-9F96-21813BEA3571} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8A8D98-E355-4AE8-ACCD-30C4578A8D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDDF8338-180-403B-AB31-B55BAAAE51F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE753CE0-41EF-4729-A878-AADC132FDB21} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE82BA69-2880-4B95-B1C2-7FD9D7A2563} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEC092C5-E491-4586-AE42-471D70E712FE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF05474B-C3-48EC-A7BB-74515C383570} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFB462C2-25B3-4F05-817-9FBC5C4854C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFBFA641-2FD1-4249-9DCF-CE8721651C9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D040C6AC-DC3D-473C-8F46-537DC0BB7116} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D11B8E6B-D498-4CED-8AD3-A99CAA575415} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1AB6055-7F6B-4F15-9CB1-A26BF891B7D1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1ED0552-8E14-41F3-86D7-FDEEF1CF4C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1EFEAC3-9635-449D-B533-59F27732EA1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3C8A746-8A1-481A-BCD7-C644BAB98D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D432E6B7-D6BC-4194-8479-89A1BA51526} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4843577-1AA7-44C2-A748-D658A6625786} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D568769C-FE6F-43CB-8B6-14EB53C0B0BE} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5E01A-8820-4922-95E5-8D84ABB65B8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6AE4DDF-DA80-491C-88E9-44D655F3BB62} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6F2B1C8-7984-42EB-A15C-B4FCA09F848} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D81B980F-1A03-4C2F-A99E-8B1ED5C5F2B5} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8C66D79-33C4-4337-AAA6-6DC5EAA16E6} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D98EBD33-FDA4-4755-83F4-261B494787BF} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9B30371-535E-4098-A9ED-40D3D2267B7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9CD74E1-7916-4812-96CD-E2B5592055F3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA067F1F-322C-4B0F-BA86-19E570EE1CC7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA556AAF-E98D-40EF-B19-C28033892D9F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA980476-798E-48BF-8C9F-1BC8CF9912F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB07FEF1-4BB1-459C-80BE-AD8C486C26AD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB59EB0A-3BCE-4B28-8B34-DDE66BEFA956} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD38A158-FA1D-43CB-A9FC-2CBC56CCED9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEB58E41-56A7-4809-AA1F-977BA8FF53} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF5B196C-B56E-408D-A75C-98B195A08271} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFCA964-A5AF-415D-A35F-3A4C239E48E2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E038D4D9-66BF-4B45-A89-592FBDB9982D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0B54135-B781-4C18-9033-F7168C1D97F2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E193694-6EB7-4139-841E-D273AECDD26E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E214CDF5-FB3B-47D5-9467-B1EF0B015D3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3F17410-9A1A-465C-8878-E9559E8965} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4470EE4-5B54-42B3-B625-C94C64D270} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E45CF8D4-6DA4-49AA-9EAA-D1A4D64AC33C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E50F6761-1752-4F76-BD38-2C4199C45CF1} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5AD4AE9-A809-4317-B88B-B012E7DD3C8} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5C6152E-8420-4725-8838-3A42BD4966ED} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E612216A-5A87-4D3F-BBA9-12E5C62BB195} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6F80585-C2DC-4D1F-BF8F-15CD384B433D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6FAE083-4CB9-43EC-8829-DABE5C574012} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E750626D-11F8-48D7-A2AA-AD83A38FC0C0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E758C155-753D-4123-98BE-1B4471E9FCA2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E770FF17-23D3-43EF-A179-19FAD86C3D9} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7E72FB0-56F6-4E08-8229-16AC27F81FD0} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E80B36DE-7243-4163-8291-7C1D48A3BF68} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E924936B-2632-4BBD-A73C-98E167BAD9BB} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E961690-B9F9-4CB1-A7DF-CAAD4DF332F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA1968C7-16D9-4641-A4BD-2446BBB3DD67} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECEDEA20-3D7D-4EEC-9E76-FE4ED876D81D} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDB43F53-85AB-421F-A01D-59F5FC2EE78C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDF48402-B509-4B90-9DAC-81C553C2143} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF833E34-3C8D-4C24-9E70-373E21E3A} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0FCB0B7-19CD-4D05-9FAA-CC4F58E9136F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1019F7E-D80D-4069-9415-14F64F56259F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F18312FA-A6C0-404D-A8A4-28468C58F36F} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A6D908-CC5B-4B92-B3D6-92AD43CAC6B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1C8A72-9F1D-4554-8249-BA4F93736B51} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F32C6F3C-E50F-4DDD-8543-16F4711CD7B2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F530B602-6D99-409B-85DC-94F0327CA75} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5C7B819-7A4B-4020-BA88-C5E35493ADD} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5EAA288-16FA-4D45-A397-FFC98EED4374} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F67A94B7-9FB5-462F-9E7F-DBC96A828B6B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F935F427-6D2A-46E8-85AD-99EAB73F52A2} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAA48004-EE76-4FC0-A726-1EAC3ABF41D4} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAABB091-85E6-4395-AEAB-EB4EAF815A3} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAE5CECB-8A6B-4D7F-9531-7F5F168F9123} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAE642D6-7E72-4B05-9BAD-46F0E2685E7} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC2156D4-385E-46F1-94C-E87B89331710} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD09BF94-A625-4BBD-91D1-6CB01CF6397C} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD0BAB8B-D30E-4317-954A-5C7D3A6B71} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD401697-BFC7-43EE-B3C9-15EC7E4EF3E} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDD2D55D-DB7A-45D4-B818-9B9F314CA09} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE31981C-F30-4691-A0E1-55C9F17CB8B} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE6F1223-C747-4835-9A9D-24AB74F3CB86} deleted successfully
HKEY_USERS\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF962D3B-C27E-4DEB-9B75-2CDD54FABC6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");
Added to C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default\prefs.js:
Added to C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
user.js not found
---- Lines a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 removed from prefs.js ----
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754ca
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754ca
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.active", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbar", "NA");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbarenhanced", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.backgroundver", 1);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.certdomaininstaller", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.value", "1403158206");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.expiration", "Thu Jul 17 2014 11:04:13
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.value", "%22%5C%22CZ%5C%22%22");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.description", "Browser enhancer");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.domain", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.enablesearch", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.homepage", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.changeprevious", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.iframe", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationTime", 1403158206);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.value", "212");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastDailyReport", "1404362494439");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastUpdate", "1404362496273");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.manifesturl", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.newtab", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.opensearch", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsurl", "http://js.democlientnet.com/plugin
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsversion", 175);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.publisher", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.searchstatus", 0);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.setnewtab", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.thankyou", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.updateinterval", 360);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.ver", 212);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.apps", "32850");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.bic", "1462c7d5db09cd9c6f31b0201672cd2a");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.cid", 32850);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.firstrun", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.hadappinstalled", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.installationdate", 1403158201);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.modetype", "production");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.reportInstall", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.statsDailyCounter", 33);
---- FireFox user.js and prefs.js backups ----
prefs_03.04.2015_1951_.backup
ProfilePath: C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_03.04.2015_1951_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\GRETECH not found
C:\PROGRA~2\Trend Micro not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\PROGRA~3\spds90.txt deleted
C:\Users\Hanka\AppData\Local\Installer deleted
C:\Users\Hanka\AppData\Local\CrashRpt deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3423487706-4037741734-473863387-1000 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\sho620E.tmp deleted
"C:\Users\Hanka\AppData\Roaming\amWlT5dmrkdu0M47j0op0KJ" deleted
"C:\Users\Hanka\AppData\Roaming\d98MqQq" deleted
"C:\Users\Hanka\AppData\Roaming\Nr1KXGMddsA" deleted
"C:\Users\Hanka\AppData\Roaming\xxhPtLc0lm3O3yUTdsRUL" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Hanka\AppData\Roaming\Thunderbird\Profiles\iq9ueh4y.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30.01.2015 10:47]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26.11.2014 22:43]
Comodo Media Downloader - Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Avast Online Security - Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chromium Startpages ======================
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/ig/redirectdomain ... &bmod=ASUT",
"startup_urls": [ "http://www.google.com/ig/redirectdomain ... &bmod=ASUT" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"
==== Reset Google Chrome ======================
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Hanka\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Hanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Hanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Hanka\AppData\Local\Mozilla\Firefox\Profiles\siq3wtzz.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Hanka\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Hanka\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=18 folders=10 1767469 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Hanka\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Hanka\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 03.04.2015 at 20:22:29,17 ======================
Re: Adware (?) "Ads by name"
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
- Ulozte nejlepe na Plochu a rozbalte
- Spustte kliknutim na mbar
- Nyni postupne kliknete na Next a Update
- Po dokonceni update (aktualizace) databaze kliknete opet na Next
- Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
- Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
- Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
- Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
- PC bude restartovan
- Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Díky. Výsledkem bylo "no malware found" a tato zpráva:
_______________________________________
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.04.03.06
rootkit: v2015.03.31.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
Hanka :: HANKA-PC [administrator]
3.4.2015 20:48:34
mbar-log-2015-04-03 (20-48-34).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 356894
Time elapsed: 33 minute(s), 23 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
_______________________________________
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.04.03.06
rootkit: v2015.03.31.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
Hanka :: HANKA-PC [administrator]
3.4.2015 20:48:34
mbar-log-2015-04-03 (20-48-34).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 356894
Time elapsed: 33 minute(s), 23 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Re: Adware (?) "Ads by name"
Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Díky za rady, Spybot - Search & Destroy smazán.
Ale http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe mi prostě nejde stáhnout
. Neustále dochází k blokaci stahování ("Blokováno: Může obsahovat virus nebo spyware..."). Zcela jsem vypnul firewall a úplně odinstaloval avast (dočasně, nenašel jsem možnost dočasného vypnutí), nechápu, co může stahování ještě blokovat, ale tahle stránka pro mě zůstává nějaká začarovaná :-/.
Ale http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe mi prostě nejde stáhnout
. Neustále dochází k blokaci stahování ("Blokováno: Může obsahovat virus nebo spyware..."). Zcela jsem vypnul firewall a úplně odinstaloval avast (dočasně, nenašel jsem možnost dočasného vypnutí), nechápu, co může stahování ještě blokovat, ale tahle stránka pro mě zůstává nějaká začarovaná :-/.Re: Adware (?) "Ads by name"
Tak spustte jen samotny FRST, postup je pak stejny
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Díky, tady je log, Addition.txt je v příloze:
_____________________________________
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Hanka (administrator) on HANKA-PC on 04-04-2015 10:24:35
Running from C:\Users\Hanka\Desktop
Loaded Profiles: Hanka & (Available profiles: Hanka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Dropbox, Inc.) C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-07-15] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-09-17] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-03] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-03] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-03] (Avast Software s.r.o.)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
FF DefaultSearchEngine: Google (avast)
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll [2014-05-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-05-26] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF SearchPlugin: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\searchplugins\google-avast.xml [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Google Docs) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-12]
CHR Extension: (Google Drive) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-12]
CHR Extension: (YouTube) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-12]
CHR Extension: (Google Search) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-12]
CHR Extension: (Google Sheets) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-08]
CHR Extension: (Gmail) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-03] (Avast Software s.r.o.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-03] ()
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [117760 2009-10-15] (ELAN Microelectronic Corp.) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
U2 TMAgent; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 10:24 - 2015-04-04 10:27 - 00018097 _____ () C:\Users\Hanka\Desktop\FRST.txt
2015-04-04 10:21 - 2015-04-04 10:24 - 00000000 ____D () C:\FRST
2015-04-03 23:11 - 2015-04-03 23:11 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\AVAST Software
2015-04-03 23:10 - 2015-04-03 23:10 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-03 23:10 - 2015-04-03 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-03 23:09 - 2015-04-03 23:09 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-03 23:09 - 2015-04-03 23:09 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-03 23:09 - 2015-04-03 23:09 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-03 23:06 - 2015-04-03 23:06 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-03 23:04 - 2015-04-03 23:04 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe
2015-04-03 22:16 - 2015-04-03 22:17 - 00000085 _____ () C:\Windows\wininit.ini
2015-04-03 20:48 - 2015-04-03 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-03 20:47 - 2015-04-03 22:14 - 00000000 ____D () C:\Users\Hanka\Desktop\mbar
2015-04-03 20:45 - 2015-04-03 20:46 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe
2015-04-03 20:04 - 2015-04-03 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-03 18:52 - 2015-04-03 20:22 - 00078901 _____ () C:\zoek-results.log
2015-04-03 18:51 - 2015-04-03 18:51 - 01305600 _____ () C:\Users\Hanka\Desktop\zoek.exe
2015-04-03 18:48 - 2015-04-03 18:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554}
2015-04-03 18:47 - 2015-04-03 18:47 - 00001404 _____ () C:\Users\Hanka\Desktop\assas.txt
2015-04-03 18:46 - 2015-04-03 19:51 - 00000000 ____D () C:\zoek_backup
2015-04-03 18:46 - 2015-04-03 18:46 - 00003120 _____ () C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2}
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.scr
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.pif
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.com
2015-04-03 18:45 - 2015-04-03 18:45 - 04317228 _____ () C:\Users\Hanka\Desktop\zoek.rar
2015-04-03 18:44 - 2015-04-03 18:44 - 04058604 _____ () C:\Users\Hanka\Desktop\zoek.zip
2015-04-03 18:25 - 2015-04-03 18:25 - 02208768 _____ () C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
2015-04-03 17:41 - 2015-04-03 17:42 - 15971616 _____ (IObit) C:\Users\Hanka\Downloads\iobituninstaller.exe
2015-04-03 16:49 - 2015-04-03 16:51 - 00000000 ____D () C:\Program Files\trend micro
2015-04-03 16:49 - 2015-04-03 16:49 - 00000000 ____D () C:\rsit
2015-04-03 16:48 - 2015-04-03 16:49 - 01222144 _____ () C:\Users\Hanka\Downloads\RSITx64.exe
2015-04-03 16:43 - 2015-04-03 16:43 - 389884975 _____ () C:\Windows\MEMORY.DMP
2015-04-03 16:43 - 2015-04-03 16:43 - 00277704 _____ () C:\Windows\Minidump\040315-30950-01.dmp
2015-04-03 16:28 - 2015-04-03 16:28 - 00277704 _____ () C:\Windows\Minidump\040315-32058-01.dmp
2015-04-03 16:11 - 2015-04-03 16:12 - 41840320 _____ (Microsoft Corporation) C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-03 15:48 - 2015-04-03 15:48 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-03 15:48 - 2015-04-03 15:48 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-03 15:46 - 2015-04-03 15:46 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1396184755
2015-04-03 15:45 - 2015-04-03 15:45 - 00243472 _____ () C:\Users\Hanka\Downloads\Firefox Setup Stub 37.0.exe
2015-04-03 15:02 - 2015-04-03 22:17 - 02095616 _____ (Farbar) C:\Users\Hanka\Desktop\FRST64.exe
2015-04-03 15:01 - 2015-04-03 15:02 - 00000000 ____D () C:\Users\Hanka\Desktop\různé
2015-04-03 12:50 - 2015-04-03 12:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-03 12:50 - 2015-04-03 12:50 - 00000000 ____D () C:\RegBackup
2015-04-03 12:48 - 2015-04-03 12:48 - 01418897 _____ (Thisisu) C:\Users\Hanka\Downloads\JRT.exe
2015-04-03 12:09 - 2015-04-04 10:17 - 00000504 _____ () C:\Windows\setupact.log
2015-04-03 12:09 - 2015-04-04 10:16 - 00326258 _____ () C:\Windows\PFRO.log
2015-04-03 12:09 - 2015-04-03 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 11:27 - 2015-04-04 10:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 11:26 - 2015-04-03 20:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-03 11:26 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 11:26 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 11:25 - 2015-04-03 11:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hanka\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-03 10:05 - 2015-04-03 10:05 - 00001185 _____ () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001103 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\IObit
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-04-03 09:16 - 2015-04-03 18:47 - 00000000 ____D () C:\AdwCleaner
2015-04-03 09:16 - 2015-04-03 09:16 - 02208768 _____ () C:\Users\Hanka\Downloads\adwcleaner_4.200.exe
2015-04-03 08:57 - 2015-04-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 08:57 - 2015-04-03 22:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 08:57 - 2015-04-03 08:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 08:55 - 2015-04-03 08:56 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hanka\Downloads\spybot-2.4.exe
2015-04-03 08:48 - 2015-04-03 11:23 - 00008300 _____ () C:\Users\Hanka\Downloads\software_removal_tool.log
2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\ProgramData\IObit
2015-04-02 17:41 - 2015-04-03 10:04 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup.exe
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup(1).exe
2015-04-02 17:37 - 2015-04-02 17:41 - 00000000 ____D () C:\Program Files (x86)\EMCO Remote Connection Analyzer
2015-04-02 17:37 - 2015-04-02 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO Remote Connection Analyzer
2015-04-02 17:35 - 2015-04-02 17:35 - 00984499 _____ () C:\Users\Hanka\Downloads\analyzersetup.zip
2015-04-02 16:43 - 2015-04-03 17:43 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-02 15:43 - 2015-04-03 11:43 - 00000000 ____D () C:\Program Files (x86)\winter web
2015-04-01 19:44 - 2015-04-01 21:06 - 695562882 _____ () C:\Users\Hanka\Downloads\Temný-případ-.True-Detective.S01E01-CZ-dabing.Vaca.avi
2015-04-01 19:43 - 2015-04-01 20:33 - 612987616 _____ () C:\Users\Hanka\Downloads\Temný-případ-.True-Detective.S01E07-CZ-dabing.Vaca.avi
2015-03-30 19:41 - 2015-03-30 20:06 - 234937074 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E13.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-30 19:40 - 2015-03-30 20:02 - 204307343 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E12.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-29 22:50 - 2015-03-29 23:15 - 242712807 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E11.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-29 22:49 - 2015-03-29 23:15 - 244575079 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E10.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-28 02:20 - 2015-03-28 02:44 - 228043450 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E09.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-28 02:20 - 2015-03-28 02:39 - 188119876 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E08.WEBRip.x264-2HD+-cz-titulky(1).mkv
2015-03-26 23:07 - 2015-03-26 23:26 - 188119876 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E08.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-26 23:05 - 2015-03-26 23:30 - 237015471 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E07.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-26 20:46 - 2015-03-26 20:46 - 00218682 _____ () C:\Users\Hanka\Downloads\wp-creator-calculator.3.6.5.zip
2015-03-25 22:27 - 2015-03-25 22:53 - 215176516 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E06.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 22:26 - 2015-03-25 23:18 - 226744974 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E05.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:26 - 2015-03-25 11:46 - 185576081 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E04.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:25 - 2015-03-25 11:57 - 299176520 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E03.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:18 - 2015-03-25 11:18 - 00000000 ____D () C:\Users\Hanka\Downloads\httrack-noinst-3.47.20
2015-03-25 11:17 - 2015-03-25 11:17 - 04351502 _____ () C:\Users\Hanka\Downloads\httrack-noinst-3.47.20.zip
2015-03-25 11:08 - 2015-03-25 11:08 - 02091089 _____ ( ) C:\Users\Hanka\Downloads\getleft-setup-v1.1.2-full.exe
2015-03-25 09:01 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 09:01 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 10:20 - 2015-03-24 10:20 - 00011608 _____ () C:\Users\Hanka\Downloads\excel-to-web-calculator.xlsx
2015-03-24 10:09 - 2015-03-24 10:09 - 00000000 ____D () C:\Users\Hanka\Desktop\kk_soubory
2015-03-24 09:43 - 2015-03-24 09:43 - 00144092 _____ () C:\Users\Hanka\Downloads\Duchodova_kalkulacka_141111.html
2015-03-23 23:29 - 2015-03-23 23:53 - 232919330 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E01.WEBRip.x264-2HD+cz-titulky-v-obraze.mkv
2015-03-23 23:28 - 2015-03-23 23:51 - 214394082 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E02.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-23 20:28 - 2015-03-23 20:53 - 232919330 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E01.WEBRip.x264-2HD+cz-titulky.mkv
2015-03-23 20:25 - 2015-03-23 20:50 - 244795751 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E13.BDRip.x264-DEMAND.CZsub.mkv
2015-03-23 12:01 - 2015-03-23 12:19 - 173937282 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E12.BDRip.x264-DEMAND.CZsub.mkv
2015-03-23 11:59 - 2015-03-23 12:21 - 218925489 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E11.BDRip.x264-DEMAND.CZsub.mkv
2015-03-22 17:29 - 2015-03-22 17:29 - 00094782 _____ () C:\Users\Hanka\Downloads\Free-Rainer(0000114836).srt
2015-03-22 17:20 - 2015-03-22 19:17 - 2097433619 _____ () C:\Users\Hanka\Downloads\zivot.je.cudo.2004.DVDrip.x264.drS.czsrt-001.mkv
2015-03-22 12:32 - 2015-04-03 15:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:59 - 2015-03-20 23:21 - 203973976 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E09.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 22:59 - 2015-03-20 23:20 - 195854933 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E10.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 14:42 - 2015-03-20 15:03 - 194683849 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E08.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 14:41 - 2015-03-20 15:04 - 209840384 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E07.BDRip.x264-DEMAND.CZsub.mkv
2015-03-19 18:24 - 2015-03-19 18:48 - 215099312 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E06.BDRip.x264-DEMAND.CZsub.mkv
2015-03-19 18:24 - 2015-03-19 18:47 - 212959709 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E05.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 23:26 - 2015-03-18 23:45 - 175508942 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E04.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 23:25 - 2015-03-18 23:47 - 207365234 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E03.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 15:24 - 2015-03-18 15:46 - 205517445 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E02.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 13:49 - 2015-03-18 14:13 - 223979802 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E01.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 01:10 - 2015-03-18 01:10 - 00052796 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e13.720p.bluray.sujaidr-cze.srt
2015-03-17 19:35 - 2015-03-17 19:35 - 00061855 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e12.720p.bluray.sujaidr-cze.srt
2015-03-16 23:05 - 2015-03-16 23:50 - 405038272 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e13.720p.bluray.eng.mkv
2015-03-16 23:04 - 2015-03-16 23:48 - 404965966 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e12.720p.bluray.eng.mkv
2015-03-16 01:00 - 2015-03-16 01:00 - 00045329 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e11.720p.bluray.sujaidr-cze(1).srt
2015-03-15 23:55 - 2015-03-16 00:40 - 404659159 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e11.720p.bluray.eng.mkv
2015-03-15 23:54 - 2015-03-16 00:38 - 404998627 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e10.720p.bluray.eng.mkv
2015-03-15 23:53 - 2015-03-15 23:53 - 00053220 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e10.720p.bluray.sujaidr-cze.srt
2015-03-15 23:52 - 2015-03-15 23:52 - 00072355 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e09.720p.bluray.sujaidr-cze.srt
2015-03-15 00:06 - 2015-03-15 00:06 - 00048542 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e08.720p.bluray.sujaidr-cze(1).srt
2015-03-14 21:36 - 2015-03-14 22:22 - 404938139 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e09.720p.bluray.eng.mkv
2015-03-14 15:57 - 2015-03-14 15:57 - 00055139 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e07.720p.bluray.sujaidr-cze(1).srt
2015-03-14 13:37 - 2015-03-14 14:21 - 405053238 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e08.720p.bluray.eng.mkv
2015-03-14 13:36 - 2015-03-14 14:20 - 405076166 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e07.720p.bluray.eng.mkv
2015-03-14 13:36 - 2015-03-14 13:36 - 00061189 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e06.720p.bluray.sujaidr-cze.srt
2015-03-14 00:16 - 2015-03-14 00:16 - 00057262 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e05.720p.bluray.sujaidr-cze.srt
2015-03-14 00:07 - 2015-03-14 00:07 - 00056272 _____ () C:\Users\Hanka\Downloads\House-of-Cards-S01E04(0000218877).srt
2015-03-13 21:23 - 2015-03-13 22:11 - 404974405 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e06.720p.bluray.eng.mkv
2015-03-13 21:22 - 2015-03-13 22:12 - 404719925 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e05.720p.bluray.eng.mkv
2015-03-13 19:59 - 2015-03-13 19:59 - 00056272 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e04.720p.bluray.sujaidr-cze(2).srt
2015-03-13 00:53 - 2015-03-13 00:53 - 00066488 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e03.720p.bluray.sujaidr-cze.srt
2015-03-12 20:37 - 2015-03-12 21:21 - 404919734 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.eng.mkv
2015-03-12 20:35 - 2015-03-12 20:35 - 00058399 _____ () C:\Users\Hanka\Downloads\House-of-Cards-s01e02-Kapitola-2.srt
2015-03-12 20:33 - 2015-03-12 20:33 - 00058386 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.sujaidr-cze.srt
2015-03-12 20:31 - 2015-03-12 20:31 - 00058555 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.sujaidr-cze(1).srt
2015-03-12 18:40 - 2015-03-12 19:26 - 405186540 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e04.720p.bluray.eng.mkv
2015-03-12 18:40 - 2015-03-12 19:25 - 404939984 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e03.720p.bluray.eng.mkv
2015-03-12 17:34 - 2015-03-12 17:34 - 00063758 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e01.720p.bluray.sujaidr-cze(1).srt
2015-03-12 16:04 - 2015-03-12 16:48 - 405003808 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e01.720p.bluray.eng.mkv
2015-03-11 11:56 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:56 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:56 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:56 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:55 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:55 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:55 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:55 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:55 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:55 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:55 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:55 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:55 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:55 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:55 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:55 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:55 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:55 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:55 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:55 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:55 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:55 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:55 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:55 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:55 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:55 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:55 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 11:55 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 11:54 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:54 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:54 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:54 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:54 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:54 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:54 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:54 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:54 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:54 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:54 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:54 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:54 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:54 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:54 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:54 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:54 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:54 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:53 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:53 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:53 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:53 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:53 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:53 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:53 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:53 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:53 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:53 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:53 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:53 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:53 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:53 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:53 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:53 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:53 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:53 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:53 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:53 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:53 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:53 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:53 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:53 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:53 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:53 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:53 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:53 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:53 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:53 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:53 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:53 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:53 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:53 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:53 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:53 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:53 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:53 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:53 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:53 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:53 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:53 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:53 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:53 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:53 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:53 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:53 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:53 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:53 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:53 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:53 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:53 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:53 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:53 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:53 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:53 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:53 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:53 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:52 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:52 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 10:07 - 2015-03-07 10:08 - 00082933 _____ () C:\Users\Hanka\Downloads\google-publisher.zip
2015-03-06 19:17 - 2015-03-06 19:18 - 06208736 _____ (Tim Kosse) C:\Users\Hanka\Downloads\FileZilla_3.10.2_win32-setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 10:26 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:26 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:22 - 2010-07-15 17:56 - 01686195 _____ () C:\Windows\WindowsUpdate.log
2015-04-04 10:20 - 2014-06-16 18:04 - 00000000 ___RD () C:\Users\Hanka\Dropbox
2015-04-04 10:20 - 2014-05-25 09:20 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\Dropbox
2015-04-04 10:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-03 23:04 - 2014-03-09 21:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-03 16:43 - 2014-05-30 08:43 - 00000000 ____D () C:\Windows\Minidump
2015-04-03 16:38 - 2014-05-25 16:32 - 00000000 ____D () C:\Users\Hanka\Desktop\filmy
2015-04-03 16:34 - 2014-03-30 15:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-03 15:34 - 2010-07-15 18:15 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-04-03 12:10 - 2010-07-15 18:41 - 00001303 _____ () C:\Windows\system32\ServiceFilter.ini
2015-04-03 12:07 - 2014-05-27 17:10 - 00000000 ____D () C:\Users\Hanka\Documents\Soubory aplikace Outlook
2015-04-03 12:04 - 2014-07-07 15:57 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-03 09:30 - 2014-04-04 18:00 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\FileZilla
2015-04-03 09:21 - 2010-07-15 18:41 - 00001946 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-04-02 16:24 - 2014-04-01 10:45 - 00000000 ____D () C:\Users\Hanka\Desktop\cenyenergie.cz
2015-03-31 09:40 - 2009-07-14 07:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-30 10:15 - 2009-08-03 22:00 - 00668792 _____ () C:\Windows\system32\perfh005.dat
2015-03-30 10:15 - 2009-08-03 22:00 - 00141420 _____ () C:\Windows\system32\perfc005.dat
2015-03-30 10:15 - 2009-07-14 07:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-26 09:50 - 2014-12-10 22:48 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 09:50 - 2014-05-07 22:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 11:22 - 2014-09-13 07:55 - 00000000 ____D () C:\Users\Hanka\Desktop\WordPress-3.9.2.-cz
2015-03-14 12:47 - 2014-06-16 18:04 - 00001021 _____ () C:\Users\Hanka\Desktop\Dropbox.lnk
2015-03-14 12:47 - 2014-05-25 09:40 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-12 15:50 - 2014-09-17 14:37 - 00000000 ____D () C:\Windows\rescache
2015-03-12 11:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 11:40 - 2009-07-14 06:45 - 00409512 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 11:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 11:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 10:40 - 2014-04-01 10:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 10:17 - 2014-03-06 22:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 10:03 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-11 18:48 - 2013-02-12 18:58 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-06 15:20 - 2014-05-31 15:33 - 00003584 _____ () C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Files in the root of some directories =======
2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2014-05-31 15:33 - 2015-03-06 15:20 - 0003584 _____ () C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-28 16:22 - 2013-01-28 16:22 - 0000036 _____ () C:\Users\Hanka\AppData\Local\housecall.guid.cache
2010-07-15 18:16 - 2009-12-24 14:38 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-07-15 18:13 - 2010-07-15 18:13 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-15 18:12 - 2010-07-15 18:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some content of TEMP:
====================
C:\Users\Hanka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp63nb8c.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-29 14:15
==================== End Of Log ============================
_____________________________________
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Hanka (administrator) on HANKA-PC on 04-04-2015 10:24:35
Running from C:\Users\Hanka\Desktop
Loaded Profiles: Hanka & (Available profiles: Hanka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Dropbox, Inc.) C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-07-15] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-09-17] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-03] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hanka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-03] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-03] (Avast Software s.r.o.)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default
FF DefaultSearchEngine: Google (avast)
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll [2014-05-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-05-26] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF SearchPlugin: C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\siq3wtzz.default\searchplugins\google-avast.xml [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Google Docs) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-12]
CHR Extension: (Google Drive) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-12]
CHR Extension: (YouTube) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-12]
CHR Extension: (Google Search) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-12]
CHR Extension: (Google Sheets) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-08]
CHR Extension: (Gmail) - C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-03] (Avast Software s.r.o.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-03] ()
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [117760 2009-10-15] (ELAN Microelectronic Corp.) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
U2 TMAgent; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 10:24 - 2015-04-04 10:27 - 00018097 _____ () C:\Users\Hanka\Desktop\FRST.txt
2015-04-04 10:21 - 2015-04-04 10:24 - 00000000 ____D () C:\FRST
2015-04-03 23:11 - 2015-04-03 23:11 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\AVAST Software
2015-04-03 23:10 - 2015-04-03 23:10 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-03 23:10 - 2015-04-03 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-03 23:09 - 2015-04-03 23:09 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-03 23:09 - 2015-04-03 23:09 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-03 23:09 - 2015-04-03 23:09 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-03 23:09 - 2015-04-03 23:09 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-03 23:06 - 2015-04-03 23:06 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-03 23:04 - 2015-04-03 23:04 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe
2015-04-03 22:16 - 2015-04-03 22:17 - 00000085 _____ () C:\Windows\wininit.ini
2015-04-03 20:48 - 2015-04-03 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-03 20:47 - 2015-04-03 22:14 - 00000000 ____D () C:\Users\Hanka\Desktop\mbar
2015-04-03 20:45 - 2015-04-03 20:46 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe
2015-04-03 20:04 - 2015-04-03 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-03 18:52 - 2015-04-03 20:22 - 00078901 _____ () C:\zoek-results.log
2015-04-03 18:51 - 2015-04-03 18:51 - 01305600 _____ () C:\Users\Hanka\Desktop\zoek.exe
2015-04-03 18:48 - 2015-04-03 18:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554}
2015-04-03 18:47 - 2015-04-03 18:47 - 00001404 _____ () C:\Users\Hanka\Desktop\assas.txt
2015-04-03 18:46 - 2015-04-03 19:51 - 00000000 ____D () C:\zoek_backup
2015-04-03 18:46 - 2015-04-03 18:46 - 00003120 _____ () C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2}
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.scr
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.pif
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.com
2015-04-03 18:45 - 2015-04-03 18:45 - 04317228 _____ () C:\Users\Hanka\Desktop\zoek.rar
2015-04-03 18:44 - 2015-04-03 18:44 - 04058604 _____ () C:\Users\Hanka\Desktop\zoek.zip
2015-04-03 18:25 - 2015-04-03 18:25 - 02208768 _____ () C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
2015-04-03 17:41 - 2015-04-03 17:42 - 15971616 _____ (IObit) C:\Users\Hanka\Downloads\iobituninstaller.exe
2015-04-03 16:49 - 2015-04-03 16:51 - 00000000 ____D () C:\Program Files\trend micro
2015-04-03 16:49 - 2015-04-03 16:49 - 00000000 ____D () C:\rsit
2015-04-03 16:48 - 2015-04-03 16:49 - 01222144 _____ () C:\Users\Hanka\Downloads\RSITx64.exe
2015-04-03 16:43 - 2015-04-03 16:43 - 389884975 _____ () C:\Windows\MEMORY.DMP
2015-04-03 16:43 - 2015-04-03 16:43 - 00277704 _____ () C:\Windows\Minidump\040315-30950-01.dmp
2015-04-03 16:28 - 2015-04-03 16:28 - 00277704 _____ () C:\Windows\Minidump\040315-32058-01.dmp
2015-04-03 16:11 - 2015-04-03 16:12 - 41840320 _____ (Microsoft Corporation) C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-03 15:48 - 2015-04-03 15:48 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-03 15:48 - 2015-04-03 15:48 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-03 15:46 - 2015-04-03 15:46 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1396184755
2015-04-03 15:45 - 2015-04-03 15:45 - 00243472 _____ () C:\Users\Hanka\Downloads\Firefox Setup Stub 37.0.exe
2015-04-03 15:02 - 2015-04-03 22:17 - 02095616 _____ (Farbar) C:\Users\Hanka\Desktop\FRST64.exe
2015-04-03 15:01 - 2015-04-03 15:02 - 00000000 ____D () C:\Users\Hanka\Desktop\různé
2015-04-03 12:50 - 2015-04-03 12:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-03 12:50 - 2015-04-03 12:50 - 00000000 ____D () C:\RegBackup
2015-04-03 12:48 - 2015-04-03 12:48 - 01418897 _____ (Thisisu) C:\Users\Hanka\Downloads\JRT.exe
2015-04-03 12:09 - 2015-04-04 10:17 - 00000504 _____ () C:\Windows\setupact.log
2015-04-03 12:09 - 2015-04-04 10:16 - 00326258 _____ () C:\Windows\PFRO.log
2015-04-03 12:09 - 2015-04-03 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 11:27 - 2015-04-04 10:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 11:26 - 2015-04-03 20:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-03 11:26 - 2015-04-03 11:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-03 11:26 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 11:26 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 11:25 - 2015-04-03 11:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hanka\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-03 10:05 - 2015-04-03 10:05 - 00001185 _____ () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001103 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\IObit
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-04-03 09:16 - 2015-04-03 18:47 - 00000000 ____D () C:\AdwCleaner
2015-04-03 09:16 - 2015-04-03 09:16 - 02208768 _____ () C:\Users\Hanka\Downloads\adwcleaner_4.200.exe
2015-04-03 08:57 - 2015-04-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 08:57 - 2015-04-03 22:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 08:57 - 2015-04-03 08:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 08:55 - 2015-04-03 08:56 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hanka\Downloads\spybot-2.4.exe
2015-04-03 08:48 - 2015-04-03 11:23 - 00008300 _____ () C:\Users\Hanka\Downloads\software_removal_tool.log
2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\ProgramData\IObit
2015-04-02 17:41 - 2015-04-03 10:04 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup.exe
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup(1).exe
2015-04-02 17:37 - 2015-04-02 17:41 - 00000000 ____D () C:\Program Files (x86)\EMCO Remote Connection Analyzer
2015-04-02 17:37 - 2015-04-02 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO Remote Connection Analyzer
2015-04-02 17:35 - 2015-04-02 17:35 - 00984499 _____ () C:\Users\Hanka\Downloads\analyzersetup.zip
2015-04-02 16:43 - 2015-04-03 17:43 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-02 15:43 - 2015-04-03 11:43 - 00000000 ____D () C:\Program Files (x86)\winter web
2015-04-01 19:44 - 2015-04-01 21:06 - 695562882 _____ () C:\Users\Hanka\Downloads\Temný-případ-.True-Detective.S01E01-CZ-dabing.Vaca.avi
2015-04-01 19:43 - 2015-04-01 20:33 - 612987616 _____ () C:\Users\Hanka\Downloads\Temný-případ-.True-Detective.S01E07-CZ-dabing.Vaca.avi
2015-03-30 19:41 - 2015-03-30 20:06 - 234937074 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E13.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-30 19:40 - 2015-03-30 20:02 - 204307343 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E12.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-29 22:50 - 2015-03-29 23:15 - 242712807 _____ () C:\Users\Hanka\Downloads\House.Of.Cards.2013.S03E11.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-29 22:49 - 2015-03-29 23:15 - 244575079 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E10.WEBRip.x264-2HD-+-cz-titulky.mkv
2015-03-28 02:20 - 2015-03-28 02:44 - 228043450 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E09.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-28 02:20 - 2015-03-28 02:39 - 188119876 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E08.WEBRip.x264-2HD+-cz-titulky(1).mkv
2015-03-26 23:07 - 2015-03-26 23:26 - 188119876 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E08.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-26 23:05 - 2015-03-26 23:30 - 237015471 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E07.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-26 20:46 - 2015-03-26 20:46 - 00218682 _____ () C:\Users\Hanka\Downloads\wp-creator-calculator.3.6.5.zip
2015-03-25 22:27 - 2015-03-25 22:53 - 215176516 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E06.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 22:26 - 2015-03-25 23:18 - 226744974 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E05.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:26 - 2015-03-25 11:46 - 185576081 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E04.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:25 - 2015-03-25 11:57 - 299176520 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E03.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-25 11:18 - 2015-03-25 11:18 - 00000000 ____D () C:\Users\Hanka\Downloads\httrack-noinst-3.47.20
2015-03-25 11:17 - 2015-03-25 11:17 - 04351502 _____ () C:\Users\Hanka\Downloads\httrack-noinst-3.47.20.zip
2015-03-25 11:08 - 2015-03-25 11:08 - 02091089 _____ ( ) C:\Users\Hanka\Downloads\getleft-setup-v1.1.2-full.exe
2015-03-25 09:01 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 09:01 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 09:01 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 09:01 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 10:20 - 2015-03-24 10:20 - 00011608 _____ () C:\Users\Hanka\Downloads\excel-to-web-calculator.xlsx
2015-03-24 10:09 - 2015-03-24 10:09 - 00000000 ____D () C:\Users\Hanka\Desktop\kk_soubory
2015-03-24 09:43 - 2015-03-24 09:43 - 00144092 _____ () C:\Users\Hanka\Downloads\Duchodova_kalkulacka_141111.html
2015-03-23 23:29 - 2015-03-23 23:53 - 232919330 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E01.WEBRip.x264-2HD+cz-titulky-v-obraze.mkv
2015-03-23 23:28 - 2015-03-23 23:51 - 214394082 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E02.WEBRip.x264-2HD+-cz-titulky.mkv
2015-03-23 20:28 - 2015-03-23 20:53 - 232919330 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S03E01.WEBRip.x264-2HD+cz-titulky.mkv
2015-03-23 20:25 - 2015-03-23 20:50 - 244795751 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E13.BDRip.x264-DEMAND.CZsub.mkv
2015-03-23 12:01 - 2015-03-23 12:19 - 173937282 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E12.BDRip.x264-DEMAND.CZsub.mkv
2015-03-23 11:59 - 2015-03-23 12:21 - 218925489 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E11.BDRip.x264-DEMAND.CZsub.mkv
2015-03-22 17:29 - 2015-03-22 17:29 - 00094782 _____ () C:\Users\Hanka\Downloads\Free-Rainer(0000114836).srt
2015-03-22 17:20 - 2015-03-22 19:17 - 2097433619 _____ () C:\Users\Hanka\Downloads\zivot.je.cudo.2004.DVDrip.x264.drS.czsrt-001.mkv
2015-03-22 12:32 - 2015-04-03 15:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:59 - 2015-03-20 23:21 - 203973976 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E09.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 22:59 - 2015-03-20 23:20 - 195854933 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E10.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 14:42 - 2015-03-20 15:03 - 194683849 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E08.BDRip.x264-DEMAND.CZsub.mkv
2015-03-20 14:41 - 2015-03-20 15:04 - 209840384 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E07.BDRip.x264-DEMAND.CZsub.mkv
2015-03-19 18:24 - 2015-03-19 18:48 - 215099312 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E06.BDRip.x264-DEMAND.CZsub.mkv
2015-03-19 18:24 - 2015-03-19 18:47 - 212959709 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E05.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 23:26 - 2015-03-18 23:45 - 175508942 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E04.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 23:25 - 2015-03-18 23:47 - 207365234 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E03.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 15:24 - 2015-03-18 15:46 - 205517445 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E02.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 13:49 - 2015-03-18 14:13 - 223979802 _____ () C:\Users\Hanka\Downloads\House.of.Cards.2013.S02E01.BDRip.x264-DEMAND.CZsub.mkv
2015-03-18 01:10 - 2015-03-18 01:10 - 00052796 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e13.720p.bluray.sujaidr-cze.srt
2015-03-17 19:35 - 2015-03-17 19:35 - 00061855 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e12.720p.bluray.sujaidr-cze.srt
2015-03-16 23:05 - 2015-03-16 23:50 - 405038272 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e13.720p.bluray.eng.mkv
2015-03-16 23:04 - 2015-03-16 23:48 - 404965966 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e12.720p.bluray.eng.mkv
2015-03-16 01:00 - 2015-03-16 01:00 - 00045329 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e11.720p.bluray.sujaidr-cze(1).srt
2015-03-15 23:55 - 2015-03-16 00:40 - 404659159 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e11.720p.bluray.eng.mkv
2015-03-15 23:54 - 2015-03-16 00:38 - 404998627 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e10.720p.bluray.eng.mkv
2015-03-15 23:53 - 2015-03-15 23:53 - 00053220 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e10.720p.bluray.sujaidr-cze.srt
2015-03-15 23:52 - 2015-03-15 23:52 - 00072355 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e09.720p.bluray.sujaidr-cze.srt
2015-03-15 00:06 - 2015-03-15 00:06 - 00048542 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e08.720p.bluray.sujaidr-cze(1).srt
2015-03-14 21:36 - 2015-03-14 22:22 - 404938139 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e09.720p.bluray.eng.mkv
2015-03-14 15:57 - 2015-03-14 15:57 - 00055139 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e07.720p.bluray.sujaidr-cze(1).srt
2015-03-14 13:37 - 2015-03-14 14:21 - 405053238 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e08.720p.bluray.eng.mkv
2015-03-14 13:36 - 2015-03-14 14:20 - 405076166 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e07.720p.bluray.eng.mkv
2015-03-14 13:36 - 2015-03-14 13:36 - 00061189 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e06.720p.bluray.sujaidr-cze.srt
2015-03-14 00:16 - 2015-03-14 00:16 - 00057262 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e05.720p.bluray.sujaidr-cze.srt
2015-03-14 00:07 - 2015-03-14 00:07 - 00056272 _____ () C:\Users\Hanka\Downloads\House-of-Cards-S01E04(0000218877).srt
2015-03-13 21:23 - 2015-03-13 22:11 - 404974405 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e06.720p.bluray.eng.mkv
2015-03-13 21:22 - 2015-03-13 22:12 - 404719925 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e05.720p.bluray.eng.mkv
2015-03-13 19:59 - 2015-03-13 19:59 - 00056272 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e04.720p.bluray.sujaidr-cze(2).srt
2015-03-13 00:53 - 2015-03-13 00:53 - 00066488 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e03.720p.bluray.sujaidr-cze.srt
2015-03-12 20:37 - 2015-03-12 21:21 - 404919734 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.eng.mkv
2015-03-12 20:35 - 2015-03-12 20:35 - 00058399 _____ () C:\Users\Hanka\Downloads\House-of-Cards-s01e02-Kapitola-2.srt
2015-03-12 20:33 - 2015-03-12 20:33 - 00058386 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.sujaidr-cze.srt
2015-03-12 20:31 - 2015-03-12 20:31 - 00058555 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e02.720p.bluray.sujaidr-cze(1).srt
2015-03-12 18:40 - 2015-03-12 19:26 - 405186540 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e04.720p.bluray.eng.mkv
2015-03-12 18:40 - 2015-03-12 19:25 - 404939984 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e03.720p.bluray.eng.mkv
2015-03-12 17:34 - 2015-03-12 17:34 - 00063758 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e01.720p.bluray.sujaidr-cze(1).srt
2015-03-12 16:04 - 2015-03-12 16:48 - 405003808 _____ () C:\Users\Hanka\Downloads\house.of.cards.2013.s01e01.720p.bluray.eng.mkv
2015-03-11 11:56 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:56 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:56 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:56 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:56 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:56 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:55 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:55 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:55 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:55 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:55 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:55 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:55 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:55 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:55 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:55 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:55 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:55 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:55 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:55 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:55 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:55 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:55 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:55 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:55 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:55 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:55 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:55 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:55 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:55 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:55 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:55 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:55 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 11:55 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 11:54 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:54 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:54 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:54 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:54 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:54 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:54 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:54 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:54 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:54 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:54 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:54 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:54 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:54 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:54 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:54 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:54 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:54 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:54 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:54 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:53 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:53 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:53 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:53 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:53 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:53 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:53 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:53 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:53 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:53 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:53 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:53 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:53 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:53 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:53 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:53 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:53 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:53 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:53 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:53 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:53 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:53 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:53 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:53 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:53 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:53 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:53 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:53 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:53 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:53 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:53 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:53 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:53 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:53 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:53 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:53 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:53 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:53 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:53 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:53 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:53 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:53 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:53 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:53 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:53 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:53 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:53 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:53 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:53 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:53 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:53 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:53 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:53 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:53 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:53 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:53 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:53 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:53 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:53 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:52 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:52 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 10:07 - 2015-03-07 10:08 - 00082933 _____ () C:\Users\Hanka\Downloads\google-publisher.zip
2015-03-06 19:17 - 2015-03-06 19:18 - 06208736 _____ (Tim Kosse) C:\Users\Hanka\Downloads\FileZilla_3.10.2_win32-setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-04 10:26 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:26 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 10:22 - 2010-07-15 17:56 - 01686195 _____ () C:\Windows\WindowsUpdate.log
2015-04-04 10:20 - 2014-06-16 18:04 - 00000000 ___RD () C:\Users\Hanka\Dropbox
2015-04-04 10:20 - 2014-05-25 09:20 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\Dropbox
2015-04-04 10:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-03 23:04 - 2014-03-09 21:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-03 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-03 16:43 - 2014-05-30 08:43 - 00000000 ____D () C:\Windows\Minidump
2015-04-03 16:38 - 2014-05-25 16:32 - 00000000 ____D () C:\Users\Hanka\Desktop\filmy
2015-04-03 16:34 - 2014-03-30 15:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-03 15:34 - 2010-07-15 18:15 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-04-03 12:10 - 2010-07-15 18:41 - 00001303 _____ () C:\Windows\system32\ServiceFilter.ini
2015-04-03 12:07 - 2014-05-27 17:10 - 00000000 ____D () C:\Users\Hanka\Documents\Soubory aplikace Outlook
2015-04-03 12:04 - 2014-07-07 15:57 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-03 09:30 - 2014-04-04 18:00 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\FileZilla
2015-04-03 09:21 - 2010-07-15 18:41 - 00001946 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-04-02 16:24 - 2014-04-01 10:45 - 00000000 ____D () C:\Users\Hanka\Desktop\cenyenergie.cz
2015-03-31 09:40 - 2009-07-14 07:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-30 10:15 - 2009-08-03 22:00 - 00668792 _____ () C:\Windows\system32\perfh005.dat
2015-03-30 10:15 - 2009-08-03 22:00 - 00141420 _____ () C:\Windows\system32\perfc005.dat
2015-03-30 10:15 - 2009-07-14 07:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-26 09:50 - 2014-12-10 22:48 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 09:50 - 2014-05-07 22:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 11:22 - 2014-09-13 07:55 - 00000000 ____D () C:\Users\Hanka\Desktop\WordPress-3.9.2.-cz
2015-03-14 12:47 - 2014-06-16 18:04 - 00001021 _____ () C:\Users\Hanka\Desktop\Dropbox.lnk
2015-03-14 12:47 - 2014-05-25 09:40 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-12 15:50 - 2014-09-17 14:37 - 00000000 ____D () C:\Windows\rescache
2015-03-12 11:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 11:40 - 2009-07-14 06:45 - 00409512 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 11:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 11:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 10:40 - 2014-04-01 10:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 10:17 - 2014-03-06 22:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 10:03 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-11 18:48 - 2013-02-12 18:58 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-06 15:20 - 2014-05-31 15:33 - 00003584 _____ () C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Files in the root of some directories =======
2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2014-05-31 15:33 - 2015-03-06 15:20 - 0003584 _____ () C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-28 16:22 - 2013-01-28 16:22 - 0000036 _____ () C:\Users\Hanka\AppData\Local\housecall.guid.cache
2010-07-15 18:16 - 2009-12-24 14:38 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-07-15 18:13 - 2010-07-15 18:13 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-15 18:12 - 2010-07-15 18:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some content of TEMP:
====================
C:\Users\Hanka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp63nb8c.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-29 14:15
==================== End Of Log ============================
- Přílohy
-
- Addition.rar
- (8.52 KiB) Staženo 82 x
Re: Adware (?) "Ads by name"
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] () HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] () BootExecute: autocheck autochk * sdnclean64.exe HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit) U2 TMAgent; No ImagePath C:\Program Files (x86)\IObit 2015-04-03 23:04 - 2015-04-03 23:04 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe 2015-04-03 22:16 - 2015-04-03 22:17 - 00000085 _____ () C:\Windows\wininit.ini 2015-04-03 20:48 - 2015-04-03 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-04-03 20:47 - 2015-04-03 22:14 - 00000000 ____D () C:\Users\Hanka\Desktop\mbar 2015-04-03 20:45 - 2015-04-03 20:46 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe 2015-04-03 20:04 - 2015-04-03 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe 2015-04-03 18:52 - 2015-04-03 20:22 - 00078901 _____ () C:\zoek-results.log 2015-04-03 18:51 - 2015-04-03 18:51 - 01305600 _____ () C:\Users\Hanka\Desktop\zoek.exe 2015-04-03 18:48 - 2015-04-03 18:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554} 2015-04-03 18:47 - 2015-04-03 18:47 - 00001404 _____ () C:\Users\Hanka\Desktop\assas.txt 2015-04-03 18:46 - 2015-04-03 19:51 - 00000000 ____D () C:\zoek_backup 2015-04-03 18:46 - 2015-04-03 18:46 - 00003120 _____ () C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2} 2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.scr 2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.pif 2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.com 2015-04-03 18:45 - 2015-04-03 18:45 - 04317228 _____ () C:\Users\Hanka\Desktop\zoek.rar 2015-04-03 18:44 - 2015-04-03 18:44 - 04058604 _____ () C:\Users\Hanka\Desktop\zoek.zip 2015-04-03 18:25 - 2015-04-03 18:25 - 02208768 _____ () C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe 2015-04-03 17:41 - 2015-04-03 17:42 - 15971616 _____ (IObit) C:\Users\Hanka\Downloads\iobituninstaller.exe 2015-04-03 16:49 - 2015-04-03 16:51 - 00000000 ____D () C:\Program Files\trend micro 2015-04-03 16:49 - 2015-04-03 16:49 - 00000000 ____D () C:\rsit 2015-04-03 16:48 - 2015-04-03 16:49 - 01222144 _____ () C:\Users\Hanka\Downloads\RSITx64.exe 2015-04-03 16:11 - 2015-04-03 16:12 - 41840320 _____ (Microsoft Corporation) C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe 2015-04-03 12:50 - 2015-04-03 12:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat 2015-04-03 12:50 - 2015-04-03 12:50 - 00000000 ____D () C:\RegBackup 2015-04-03 12:48 - 2015-04-03 12:48 - 01418897 _____ (Thisisu) C:\Users\Hanka\Downloads\JRT.exe 2015-04-03 12:09 - 2015-04-04 10:17 - 00000504 _____ () C:\Windows\setupact.log 2015-04-03 12:09 - 2015-04-04 10:16 - 00326258 _____ () C:\Windows\PFRO.log 2015-04-03 12:09 - 2015-04-03 12:09 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-03 10:05 - 2015-04-03 10:05 - 00001185 _____ () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2015-04-03 10:05 - 2015-04-03 10:05 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2015-04-03 10:05 - 2015-04-03 10:05 - 00001103 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\IObit 2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2015-04-03 09:16 - 2015-04-03 18:47 - 00000000 ____D () C:\AdwCleaner 2015-04-03 09:16 - 2015-04-03 09:16 - 02208768 _____ () C:\Users\Hanka\Downloads\adwcleaner_4.200.exe 2015-04-03 08:57 - 2015-04-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-04-03 08:57 - 2015-04-03 22:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-04-03 08:57 - 2015-04-03 08:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2015-04-03 08:55 - 2015-04-03 08:56 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hanka\Downloads\spybot-2.4.exe 2015-04-03 08:48 - 2015-04-03 11:23 - 00008300 _____ () C:\Users\Hanka\Downloads\software_removal_tool.log 2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\ProgramData\IObit 2015-04-02 17:41 - 2015-04-03 10:04 - 00000000 ____D () C:\Program Files (x86)\IObit 2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup.exe 2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup(1).exe Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Díky, fixlog je níže.
___________________________
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Hanka at 2015-04-04 20:45:57 Run:1
Running from C:\Users\Hanka\Desktop
Loaded Profiles: Hanka (Available profiles: Hanka)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
U2 TMAgent; No ImagePath
C:\Program Files (x86)\IObit
2015-04-03 23:04 - 2015-04-03 23:04 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe
2015-04-03 22:16 - 2015-04-03 22:17 - 00000085 _____ () C:\Windows\wininit.ini
2015-04-03 20:48 - 2015-04-03 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-03 20:47 - 2015-04-03 22:14 - 00000000 ____D () C:\Users\Hanka\Desktop\mbar
2015-04-03 20:45 - 2015-04-03 20:46 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe
2015-04-03 20:04 - 2015-04-03 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-03 18:52 - 2015-04-03 20:22 - 00078901 _____ () C:\zoek-results.log
2015-04-03 18:51 - 2015-04-03 18:51 - 01305600 _____ () C:\Users\Hanka\Desktop\zoek.exe
2015-04-03 18:48 - 2015-04-03 18:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554}
2015-04-03 18:47 - 2015-04-03 18:47 - 00001404 _____ () C:\Users\Hanka\Desktop\assas.txt
2015-04-03 18:46 - 2015-04-03 19:51 - 00000000 ____D () C:\zoek_backup
2015-04-03 18:46 - 2015-04-03 18:46 - 00003120 _____ () C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2}
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.scr
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.pif
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.com
2015-04-03 18:45 - 2015-04-03 18:45 - 04317228 _____ () C:\Users\Hanka\Desktop\zoek.rar
2015-04-03 18:44 - 2015-04-03 18:44 - 04058604 _____ () C:\Users\Hanka\Desktop\zoek.zip
2015-04-03 18:25 - 2015-04-03 18:25 - 02208768 _____ () C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
2015-04-03 17:41 - 2015-04-03 17:42 - 15971616 _____ (IObit) C:\Users\Hanka\Downloads\iobituninstaller.exe
2015-04-03 16:49 - 2015-04-03 16:51 - 00000000 ____D () C:\Program Files\trend micro
2015-04-03 16:49 - 2015-04-03 16:49 - 00000000 ____D () C:\rsit
2015-04-03 16:48 - 2015-04-03 16:49 - 01222144 _____ () C:\Users\Hanka\Downloads\RSITx64.exe
2015-04-03 16:11 - 2015-04-03 16:12 - 41840320 _____ (Microsoft Corporation) C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-03 12:50 - 2015-04-03 12:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-03 12:50 - 2015-04-03 12:50 - 00000000 ____D () C:\RegBackup
2015-04-03 12:48 - 2015-04-03 12:48 - 01418897 _____ (Thisisu) C:\Users\Hanka\Downloads\JRT.exe
2015-04-03 12:09 - 2015-04-04 10:17 - 00000504 _____ () C:\Windows\setupact.log
2015-04-03 12:09 - 2015-04-04 10:16 - 00326258 _____ () C:\Windows\PFRO.log
2015-04-03 12:09 - 2015-04-03 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 10:05 - 2015-04-03 10:05 - 00001185 _____ () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001103 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\IObit
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-04-03 09:16 - 2015-04-03 18:47 - 00000000 ____D () C:\AdwCleaner
2015-04-03 09:16 - 2015-04-03 09:16 - 02208768 _____ () C:\Users\Hanka\Downloads\adwcleaner_4.200.exe
2015-04-03 08:57 - 2015-04-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 08:57 - 2015-04-03 22:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 08:57 - 2015-04-03 08:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 08:55 - 2015-04-03 08:56 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hanka\Downloads\spybot-2.4.exe
2015-04-03 08:48 - 2015-04-03 11:23 - 00008300 _____ () C:\Users\Hanka\Downloads\software_removal_tool.log
2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\ProgramData\IObit
2015-04-02 17:41 - 2015-04-03 10:04 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup.exe
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup(1).exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => value deleted successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
IMFservice => Service deleted successfully.
TMAgent => Service deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Windows\wininit.ini => Moved successfully.
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => Moved successfully.
C:\Users\Hanka\Desktop\mbar => Moved successfully.
C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
"C:\Users\Hanka\Desktop\zoek.exe" => File/Directory not found.
C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554} => Moved successfully.
C:\Users\Hanka\Desktop\assas.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2} => Moved successfully.
C:\Users\Hanka\Desktop\zoek.scr => Moved successfully.
C:\Users\Hanka\Desktop\zoek.pif => Moved successfully.
C:\Users\Hanka\Desktop\zoek.com => Moved successfully.
C:\Users\Hanka\Desktop\zoek.rar => Moved successfully.
C:\Users\Hanka\Desktop\zoek.zip => Moved successfully.
C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe => Moved successfully.
C:\Users\Hanka\Downloads\iobituninstaller.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Hanka\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe => Moved successfully.
C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat => Moved successfully.
C:\RegBackup => Moved successfully.
C:\Users\Hanka\Downloads\JRT.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk => Moved successfully.
C:\Users\Public\Desktop\IObit Malware Fighter.lnk => Moved successfully.
C:\Users\Hanka\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Hanka\Downloads\adwcleaner_4.200.exe => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Users\Hanka\Downloads\spybot-2.4.exe => Moved successfully.
C:\Users\Hanka\Downloads\software_removal_tool.log => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
C:\Users\Hanka\Downloads\is360setup.exe => Moved successfully.
C:\Users\Hanka\Downloads\is360setup(1).exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 161.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 20:49:40 ====
___________________________
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Hanka at 2015-04-04 20:45:57 Run:1
Running from C:\Users\Hanka\Desktop
Loaded Profiles: Hanka (Available profiles: Hanka)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Hanka\Desktop\zoek.scr [1441994 2003-01-24] ()
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
U2 TMAgent; No ImagePath
C:\Program Files (x86)\IObit
2015-04-03 23:04 - 2015-04-03 23:04 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe
2015-04-03 22:16 - 2015-04-03 22:17 - 00000085 _____ () C:\Windows\wininit.ini
2015-04-03 20:48 - 2015-04-03 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-03 20:47 - 2015-04-03 22:14 - 00000000 ____D () C:\Users\Hanka\Desktop\mbar
2015-04-03 20:45 - 2015-04-03 20:46 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe
2015-04-03 20:04 - 2015-04-03 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-03 18:52 - 2015-04-03 20:22 - 00078901 _____ () C:\zoek-results.log
2015-04-03 18:51 - 2015-04-03 18:51 - 01305600 _____ () C:\Users\Hanka\Desktop\zoek.exe
2015-04-03 18:48 - 2015-04-03 18:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554}
2015-04-03 18:47 - 2015-04-03 18:47 - 00001404 _____ () C:\Users\Hanka\Desktop\assas.txt
2015-04-03 18:46 - 2015-04-03 19:51 - 00000000 ____D () C:\zoek_backup
2015-04-03 18:46 - 2015-04-03 18:46 - 00003120 _____ () C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2}
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.scr
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.pif
2015-04-03 18:46 - 2003-01-24 14:36 - 01441994 _____ () C:\Users\Hanka\Desktop\zoek.com
2015-04-03 18:45 - 2015-04-03 18:45 - 04317228 _____ () C:\Users\Hanka\Desktop\zoek.rar
2015-04-03 18:44 - 2015-04-03 18:44 - 04058604 _____ () C:\Users\Hanka\Desktop\zoek.zip
2015-04-03 18:25 - 2015-04-03 18:25 - 02208768 _____ () C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe
2015-04-03 17:41 - 2015-04-03 17:42 - 15971616 _____ (IObit) C:\Users\Hanka\Downloads\iobituninstaller.exe
2015-04-03 16:49 - 2015-04-03 16:51 - 00000000 ____D () C:\Program Files\trend micro
2015-04-03 16:49 - 2015-04-03 16:49 - 00000000 ____D () C:\rsit
2015-04-03 16:48 - 2015-04-03 16:49 - 01222144 _____ () C:\Users\Hanka\Downloads\RSITx64.exe
2015-04-03 16:11 - 2015-04-03 16:12 - 41840320 _____ (Microsoft Corporation) C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-03 12:50 - 2015-04-03 12:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-03 12:50 - 2015-04-03 12:50 - 00000000 ____D () C:\RegBackup
2015-04-03 12:48 - 2015-04-03 12:48 - 01418897 _____ (Thisisu) C:\Users\Hanka\Downloads\JRT.exe
2015-04-03 12:09 - 2015-04-04 10:17 - 00000504 _____ () C:\Windows\setupact.log
2015-04-03 12:09 - 2015-04-04 10:16 - 00326258 _____ () C:\Windows\PFRO.log
2015-04-03 12:09 - 2015-04-03 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 10:05 - 2015-04-03 10:05 - 00001185 _____ () C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00001103 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\Users\Hanka\AppData\Roaming\IObit
2015-04-03 10:05 - 2015-04-03 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-04-03 09:16 - 2015-04-03 18:47 - 00000000 ____D () C:\AdwCleaner
2015-04-03 09:16 - 2015-04-03 09:16 - 02208768 _____ () C:\Users\Hanka\Downloads\adwcleaner_4.200.exe
2015-04-03 08:57 - 2015-04-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 08:57 - 2015-04-03 22:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 08:57 - 2015-04-03 08:57 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 08:55 - 2015-04-03 08:56 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hanka\Downloads\spybot-2.4.exe
2015-04-03 08:48 - 2015-04-03 11:23 - 00008300 _____ () C:\Users\Hanka\Downloads\software_removal_tool.log
2015-04-02 17:42 - 2015-04-02 17:42 - 00000000 ____D () C:\ProgramData\IObit
2015-04-02 17:41 - 2015-04-03 10:04 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup.exe
2015-04-02 17:41 - 2015-04-02 17:41 - 09205688 _____ (IObit ) C:\Users\Hanka\Downloads\is360setup(1).exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => value deleted successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3423487706-4037741734-473863387-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
IMFservice => Service deleted successfully.
TMAgent => Service deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Users\Hanka\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Windows\wininit.ini => Moved successfully.
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => Moved successfully.
C:\Users\Hanka\Desktop\mbar => Moved successfully.
C:\Users\Hanka\Desktop\mbar-1.09.1.1004.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
"C:\Users\Hanka\Desktop\zoek.exe" => File/Directory not found.
C:\Windows\System32\Tasks\{F5B56D68-7615-4FC2-82EF-A7722165D554} => Moved successfully.
C:\Users\Hanka\Desktop\assas.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\System32\Tasks\{19DA41E0-8BB9-48C0-9A7D-0D172672FCC2} => Moved successfully.
C:\Users\Hanka\Desktop\zoek.scr => Moved successfully.
C:\Users\Hanka\Desktop\zoek.pif => Moved successfully.
C:\Users\Hanka\Desktop\zoek.com => Moved successfully.
C:\Users\Hanka\Desktop\zoek.rar => Moved successfully.
C:\Users\Hanka\Desktop\zoek.zip => Moved successfully.
C:\Users\Hanka\Desktop\adwcleaner_4.200(1).exe => Moved successfully.
C:\Users\Hanka\Downloads\iobituninstaller.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Hanka\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Hanka\Downloads\Windows-KB890830-x64-V5.22.exe => Moved successfully.
C:\Windows\tweaking.com-regbackup-HANKA-PC-Windows-7-Home-Premium-(64-bit).dat => Moved successfully.
C:\RegBackup => Moved successfully.
C:\Users\Hanka\Downloads\JRT.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk => Moved successfully.
C:\Users\Public\Desktop\IObit Malware Fighter.lnk => Moved successfully.
C:\Users\Hanka\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Hanka\Downloads\adwcleaner_4.200.exe => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Users\Hanka\Downloads\spybot-2.4.exe => Moved successfully.
C:\Users\Hanka\Downloads\software_removal_tool.log => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
C:\Users\Hanka\Downloads\is360setup.exe => Moved successfully.
C:\Users\Hanka\Downloads\is360setup(1).exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 161.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 20:49:40 ====
Re: Adware (?) "Ads by name"
Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Adware (?) "Ads by name"
Přidávám do přílohy 2 náhledy stránky, na které se nacházíme. Jak náhledy ilustrují, stále mi v internetových prohlížečích (MF, Opera, Chrome) vyskakují reklamy "Ads By Name" - nejenom na bizarní nabídky placených her apod., ale i reklamy na Niveu, Sazka mobil a podobné seriózně vnímané produkty. Jsou podepsány taky "Ad Options", přičemž z tohoto sousloví vede odkaz sem: http://luu.lightquartrate.com/sd/apps/adinfo-1.0/ nebo taky sem: http://www.bycontext.com/, kde je nanicovatý návod k deaktivaci ve smyslu "odinstalujte program zodpovědný za zobrazování reklam", aniž by byl specifikován název programu. Psal jsem na e-maily tam uvedené s prosbou o detailní návod, ale marně. První e-mail (na adresu support@online-browser-advertising.com) se vrátil jako nedoručitelný, druhý e-mail (na adresu legal@bycontext.com) je bez odezvy. Občas se taky objevují "fakové" odkazy v textu - tzn. otevřu stránku, a tam je například každé slovo "adware" prolinkováno na nějakou reklamní "landing-page" s nabídkou placené hry apod.
Oceňuju Vaši snahu, kdybyste došel k názoru, že takhle řešení nenajdeme, samozřejmě to pochopím a budu Vám i tak vděčen - i zjištění, kudy cesta nevede, je užitečné zjištění.
Oceňuju Vaši snahu, kdybyste došel k názoru, že takhle řešení nenajdeme, samozřejmě to pochopím a budu Vám i tak vděčen - i zjištění, kudy cesta nevede, je užitečné zjištění.
- Přílohy
-
- Ads_By_Name.rar
- (735.6 KiB) Staženo 82 x
Re: Adware (?) "Ads by name"
(Dodatek: O zmíněných awares (?) se píše i zde:
http://trojan-killer.de/remove-luu-ligh ... pop-ups-8/
http://trojan-killer.de/remove-offers-b ... m-pop-ups/
Tam doporučují Trojan Killer, jenž je oficiálně jen v placené verzi, ovšem podle diskuse na stahuj.cz je zadarmo v portable verzi a jako takový prý plní účel:
http://www.stahuj.centrum.cz/utility_a_ ... ?g[hledano]=
http://www.ulozto.sk/xK5jFN8m/gridinsof ... rtable-rar
Takže kdybych zoufale improvizoval, zkusím tohle, ale předpokládám, že by to asi dopadlo blbě.)
http://trojan-killer.de/remove-luu-ligh ... pop-ups-8/
http://trojan-killer.de/remove-offers-b ... m-pop-ups/
Tam doporučují Trojan Killer, jenž je oficiálně jen v placené verzi, ovšem podle diskuse na stahuj.cz je zadarmo v portable verzi a jako takový prý plní účel:
http://www.stahuj.centrum.cz/utility_a_ ... ?g[hledano]=
http://www.ulozto.sk/xK5jFN8m/gridinsof ... rtable-rar
Takže kdybych zoufale improvizoval, zkusím tohle, ale předpokládám, že by to asi dopadlo blbě.)
Re: Adware (?) "Ads by name"
Poslední dodatek: Jinak PC se chová normálně - blbnou "jen" prohlížeče.
Přispějete na provoz fóra?
