Stránka 1 z 1

Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 14:57
od hanybany
Dobrý den prosím o pomoc se totálně zasekaným NB. přikládám FRST log, který jse udělal po ADW cleaner a JRT.
Doufám, že nevadí pořadí ADW--JRT--FRST.

předem moc děkuji.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2014
Ran by (administrator) on on 20-04-2014 15:42:23
Running from C:\Users\Ver4a\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PasswordBox, Inc.) C:\Program Files\PasswordBox\pbbtnService.exe
(Sony Corporation) c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Thisisu) C:\Users\Ver4a\Desktop\JRT_NEW.exe
() C:\Program Files\GrabRez\updateGrabRez.exe
() C:\Program Files\GrabRez\bin\utilGrabRez.exe
() C:\Program Files\GrabRez\bin\FilterApp_C.exe
() C:\Program Files\GrabRez\bin\GrabRez.BrowserAdapter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Ver4a\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-11-01] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2010-11-01] (Synaptics Incorporated)
HKLM\...\Run: [PMBVolumeWatcher] => c:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [1022352 2012-09-04] (BitTorrent, Inc.)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\Run: [PriceMeterW] => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe [309768 2014-03-13] (PriceMeter)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {186f068c-533b-11e3-a104-f0bf978d0915} - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {1f754777-393d-11e2-a10a-f0bf978d0915} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {3205294e-7208-11e2-8426-90004ed7a618} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {b0389aee-89ac-11e2-b74d-f0bf978d0915} - E:\setup.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {d9c52ceb-3226-11e2-9aa4-f0bf978d0915} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AAA889C-4B45-4F35-889D-C65571E79FB3} URL = http://services.zinio.com/search?s={sea ... sonyslices
SearchScopes: HKCU - {D7D808DE-7E92-4875-9BF8-FF39837E22B0} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll No File
BHO: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezBHO.dll (GrabRez)
BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0F9FD977-63B0-43C5-9626-B7A7C2080744}: [NameServer]
Tcpip\..\Interfaces\{3811ACE0-8FA2-FB76-B150-F42917A9776E}: [NameServer]93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{5E142FD9-AAA9-448D-A0F3-83E0058B46CE}: [NameServer]
Tcpip\..\Interfaces\{80496C92-D6E3-4BF8-83BF-23E360EFE280}: [NameServer]93.153.117.1 93.153.117.33

FireFox:
========
FF ProfilePath: C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @richmediaplayer.com/nppluginrichmediaplayer - C:\Program Files\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll ()
FF Plugin: @SafePCRepair_89.com/Plugin - C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Ver4a\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: SafePCRepair - C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-04-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-17]
FF HKLM\...\Firefox\Extensions: [{3DF4B26D-DB19-45DF-962A-6719D071245B}] - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF Extension: Rich Media Player extension - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B} [2013-08-19]
FF HKLM\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files\PasswordBox\Firefox [2013-11-22]

========================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [284160 2011-01-06] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 MbnExt; C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [189048 2011-01-29] (Sony Corporation)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-11-09] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-11-02] (TuneUp Software)
R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Update GrabRez; C:\Program Files\GrabRez\updateGrabRez.exe [350488 2014-04-18] ()
R2 Util GrabRez; C:\Program Files\GrabRez\bin\utilGrabRez.exe [350488 2014-04-17] ()
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [64704 2011-03-05] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [546608 2011-02-18] (Sony Corporation)
S3 VcmINSMgr; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [385336 2011-02-18] (Sony Corporation)
R3 VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [44736 2011-02-14] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [772800 2011-02-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [957056 2012-10-26] (Sony Corporation)
S3 ioloService; C:\Program Files\SafePCRepair\ioloToolService.exe [X]
S2 SafePCRepair_89Service; C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe [X]
S2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [64128 2011-02-17] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [32384 2011-02-17] (Advanced Micro Devices)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17408 2009-05-26] (ArcSoft, Inc.)
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44784 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [102416 2011-02-15] (ATI Technologies, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-23] (AVG Technologies)
S3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [297000 2010-11-01] (Broadcom Corporation.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-02-25] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 15:42 - 2014-04-20 15:42 - 00019210 _____ () C:\Users\Ver4a\Desktop\FRST.txt
2014-04-20 15:41 - 2014-04-20 15:42 - 00000000 ____D () C:\FRST
2014-04-20 15:39 - 2014-04-20 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Ver4a\Desktop\FRSTLauncher.exe
2014-04-20 15:34 - 2014-04-20 15:34 - 01043968 _____ (Farbar) C:\Users\Ver4a\Desktop\FRST.exe
2014-04-20 15:32 - 2014-04-20 15:32 - 00004832 _____ () C:\Users\Ver4a\Desktop\JRT.txt
2014-04-20 15:23 - 2014-04-20 15:23 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 15:22 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT_NEW.exe
2014-04-20 15:21 - 2014-04-20 15:21 - 01032220 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT.exe
2014-04-20 15:05 - 2014-04-20 15:05 - 00000056 _____ () C:\Windows\setupact.log
2014-04-20 15:05 - 2014-04-20 15:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 15:04 - 2014-04-20 15:04 - 00001498 _____ () C:\Windows\PFRO.log
2014-04-20 14:56 - 2014-04-20 15:03 - 00000000 ____D () C:\AdwCleaner
2014-04-20 14:55 - 2014-04-20 14:55 - 01308369 _____ () C:\Users\Ver4a\Desktop\adwcleaner.exe
2014-04-09 17:50 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:50 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:50 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:50 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 17:50 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 17:50 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 17:50 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-02 17:29 - 2014-04-02 17:29 - 00034534 _____ () C:\Users\Ver4a\Downloads\2. část BP_Pátková.sxw
2014-03-29 16:46 - 2014-03-29 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 16:30 - 2014-03-29 16:30 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-03-29 16:30 - 2014-03-29 16:30 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-03-27 23:46 - 2014-03-31 15:46 - 00000084 _____ () C:\Users\Ver4a\AppData\Roaming\WB.CFG
2014-03-27 22:46 - 2014-04-20 15:05 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-03-27 22:46 - 2014-04-20 14:53 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-03-27 22:46 - 2014-04-20 14:47 - 00000292 _____ () C:\Windows\Tasks\PriceMeterUpdater.job
2014-03-27 22:46 - 2014-03-27 22:51 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\PriceMeter
2014-03-27 22:46 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter

==================== One Month Modified Files and Folders =======

2014-04-20 15:42 - 2014-04-20 15:42 - 00019210 _____ () C:\Users\Ver4a\Desktop\FRST.txt
2014-04-20 15:42 - 2014-04-20 15:41 - 00000000 ____D () C:\FRST
2014-04-20 15:41 - 2012-02-22 20:35 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\uTorrent
2014-04-20 15:39 - 2014-04-20 15:39 - 00112640 _____ (forum.viry.cz) C:\Users\Ver4a\Desktop\FRSTLauncher.exe
2014-04-20 15:34 - 2014-04-20 15:34 - 01043968 _____ (Farbar) C:\Users\Ver4a\Desktop\FRST.exe
2014-04-20 15:32 - 2014-04-20 15:32 - 00004832 _____ () C:\Users\Ver4a\Desktop\JRT.txt
2014-04-20 15:27 - 2009-07-14 04:04 - 00000678 _____ () C:\Windows\win.ini
2014-04-20 15:23 - 2014-04-20 15:23 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 15:22 - 2009-07-14 06:34 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 15:22 - 2009-07-14 06:34 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 15:21 - 2014-04-20 15:21 - 01032220 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT.exe
2014-04-20 15:09 - 2011-09-10 19:49 - 01439438 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 15:05 - 2014-04-20 15:05 - 00000056 _____ () C:\Windows\setupact.log
2014-04-20 15:05 - 2014-04-20 15:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 15:05 - 2014-03-27 22:46 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-04-20 15:05 - 2014-02-20 14:28 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-20 15:05 - 2012-03-17 09:43 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 15:05 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 15:04 - 2014-04-20 15:04 - 00001498 _____ () C:\Windows\PFRO.log
2014-04-20 15:03 - 2014-04-20 14:56 - 00000000 ____D () C:\AdwCleaner
2014-04-20 15:02 - 2011-09-10 20:27 - 00000000 ____D () C:\Users\Ver4a
2014-04-20 15:01 - 2011-09-28 19:21 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-20 14:55 - 2014-04-20 14:55 - 01308369 _____ () C:\Users\Ver4a\Desktop\adwcleaner.exe
2014-04-20 14:54 - 2013-01-25 18:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 14:53 - 2014-03-27 22:46 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-04-20 14:49 - 2012-03-17 09:43 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 14:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-04-20 14:47 - 2014-03-27 22:46 - 00000292 _____ () C:\Windows\Tasks\PriceMeterUpdater.job
2014-04-20 14:45 - 2013-01-26 19:26 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\CrashDumps
2014-04-20 13:25 - 2012-04-11 10:15 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job
2014-04-20 13:25 - 2012-04-11 10:15 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job
2014-04-20 11:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-20 09:55 - 2012-11-03 14:41 - 00000000 ____D () C:\Users\Ver4a\Desktop\na vyvolání
2014-04-17 12:41 - 2009-07-14 06:53 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-13 14:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-12 18:20 - 2010-11-20 23:01 - 01586106 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 22:17 - 2011-11-14 13:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 12:23 - 2012-03-14 12:02 - 00754588 _____ () C:\test.xml
2014-04-06 17:38 - 2013-11-22 08:01 - 00000000 ____D () C:\Program Files\PasswordBox
2014-04-06 08:36 - 2014-04-20 15:22 - 01016261 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT_NEW.exe
2014-04-02 17:29 - 2014-04-02 17:29 - 00034534 _____ () C:\Users\Ver4a\Downloads\2. část BP_Pátková.sxw
2014-03-31 15:46 - 2014-03-27 23:46 - 00000084 _____ () C:\Users\Ver4a\AppData\Roaming\WB.CFG
2014-03-31 09:35 - 2012-02-13 21:49 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 02:13 - 2014-04-09 17:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 17:50 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-30 16:34 - 2012-08-11 18:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 16:46 - 2014-03-29 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 16:30 - 2014-03-29 16:30 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-03-29 16:30 - 2014-03-29 16:30 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-03-27 22:51 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\PriceMeter
2014-03-27 22:46 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-03-23 18:51 - 2013-08-19 14:32 - 00042272 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-03-23 18:51 - 2013-08-19 14:31 - 00003749 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml

Some content of TEMP:
====================
C:\Users\Ver4a\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\pricemetertask.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
Task: C:\Windows\Tasks\PriceMeterUpdater.job => C:\Users\Ver4a\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\pricemeterwatcher.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ver4a\Desktop" je 1011 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
"C:\Program Files\ICQ7.6\ICQ.exe" silent loginmode=4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe
"C:\Program Files\Sony\ISB Utility\ISBMgr.exe" zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\playnowradio
C:\Users\Ver4a\AppData\Local\playnowradio\playnowradio\1.3.2.11\playnowradio.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair Search Scope Monitor
"C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair_89 Browser Plugin Loader
C:\PROGRA~1\SAFEPC~2\bar\1.bin\89brmon.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager
"C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
"C:\Program Files\VirtualCloneDrive\VCDDaemon.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files\AVG SafeGuard toolbar\vprot.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ver4a^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk
C:\Users\Ver4a\AppData\Local\Facebook\MESSEN~1\214814~1.0\FACEBO~1.EXE zipperformer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ver4a^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MIF5BA~1\Office12\ONENOTEM.EXE /tsr [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================




zde je log z JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Ver4a on ne 20.04.2014 at 15:23:51,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-85045441-3859974231-1480163339-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{50813CE3-DE06-4038-BFF7-D7A3B00D31D3}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{02B9A07E-6CE2-4CBE-A64C-5F3A5F2D38D9}
Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{0CC98B85-2DFE-49C9-9138-245150A79AC3}
Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{505E7DBC-7F0C-41EC-AAF9-1F8A4BC32BFE}
Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{54E84239-CEAC-43EF-A776-7FE3ECBD45C4}
Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{74D56B4B-B25E-471F-B102-1B18B5C27052}
Successfully deleted: [Empty Folder] C:\Users\Ver4a\appdata\local\{C0007EEC-84A5-42B4-9937-3848CC09AE3D}



~~~ FireFox

Successfully deleted the following from C:\Users\Ver4a\AppData\Roaming\mozilla\firefox\profiles\wavbsgy3.default\prefs.js

user_pref("browser.newtab.url", "hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrI ... 3&tsp=5199");
user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5199");
user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5199");
user_pref("extensions.toolbar.mindspark._89Members_.BUTTON_STRUCTURE", "[{\"b\":221337215,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221337216,\"c\":\"mindspark.enterse
user_pref("extensions.toolbar.mindspark._89Members_.firstKnownVersion", "6.33.3.53560");
user_pref("extensions.toolbar.mindspark._89Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?n=780bd79f&p2=^AW7^xpi000^YYA^");
user_pref("extensions.toolbar.mindspark._89Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._89Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._89Members_.installation.installDate", "2014042015");
user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerId", "^AW7^xpi000^YYA^");
user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerSubId", "");
user_pref("extensions.toolbar.mindspark._89Members_.installation.success", false);
user_pref("extensions.toolbar.mindspark._89Members_.isCompliantUninstallImplementation", true);
user_pref("extensions.toolbar.mindspark._89Members_.lastKnownVersion", "6.33.3.53560");
user_pref("extensions.toolbar.mindspark._89Members_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._89Members_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._89Members_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._89Members_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._89Members_.successUrl", "hxxp://safepcrepair.dl.tb.ask.com/installComplete.jhtml");
user_pref("extensions.toolbar.mindspark._89Members_.toolbarCollapsed", false);
user_pref("extensions.toolbar.mindspark.lastInstalled", "safepcrepair@mindspark.com");
Emptied folder: C:\Users\Ver4a\AppData\Roaming\mozilla\firefox\profiles\wavbsgy3.default\minidumps [117 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Ver4a\appdata\local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20.04.2014 at 15:32:29,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


a zde log z ADW c.

# AdwCleaner v3.100 - Report created 20/04/2014 at 15:01:00
# Updated 20/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Ver4a - VER4A-VAIO
# Running from : C:\Users\Ver4a\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : ICQ Service
[#] Service Deleted : pricemeterliveUpdate
[#] Service Deleted : pricemeterliveUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[!] Folder Deleted : C:\ProgramData\PriceMeterLiveUpdate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\buenosearch LTD
Folder Deleted : C:\Program Files\Complitly
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\Mobogenie
[!] Folder Deleted : C:\Program Files\PriceMeterLiveUpdate
Folder Deleted : C:\Program Files\SafePCRepair
Folder Deleted : C:\Program Files\SafePCRepair_89
Folder Deleted : C:\Program Files\Torntv V9.0
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\uTorrentControl2
Folder Deleted : C:\Program Files\uTorrentControl_v2
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Ver4a\.android
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Ver4a\AppData\Local\Conduit
Folder Deleted : C:\Users\Ver4a\AppData\Local\genienext
Folder Deleted : C:\Users\Ver4a\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Ver4a\AppData\Local\playnowradio
Folder Deleted : C:\Users\Ver4a\AppData\Local\PriceMeterLiveUpdate
Folder Deleted : C:\Users\Ver4a\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Ver4a\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Ver4a\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ver4a\AppData\LocalLow\Torntv V9.0
Folder Deleted : C:\Users\Ver4a\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Ver4a\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\buenosearch LTD
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Complitly
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\PriceMeterUpdater
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Ver4a\Documents\Mobogenie
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\SafePCRepair_89
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\ffxtlbr@buenosearch.com
Folder Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfoobbgoakpihljnfedbcfaipcdlfhk
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ver4a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\{0602868e-3e6e-4d93-81e8-5b2290f620ba}.xpi
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\gophoto@gophoto.it.xpi
File Deleted : C:\Users\Public\Desktop\TornTV.lnk
File Deleted : C:\Users\Ver4a\daemonprocess.txt
File Deleted : C:\Users\Ver4a\Desktop\Mobogenie.lnk
File Deleted : C:\Users\Ver4a\Desktop\TornTV.lnk
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\searchplugins\ask-web-search.xml
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\searchplugins\buenosearch.xml
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\user.js
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\Tasks\Torntv V9.0-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\Torntv V9.0-chromeinstaller
File Deleted : C:\Windows\Tasks\Torntv V9.0-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Torntv V9.0-codedownloader
File Deleted : C:\Windows\Tasks\Torntv V9.0-enabler.job
File Deleted : C:\Windows\System32\Tasks\Torntv V9.0-enabler
File Deleted : C:\Windows\Tasks\Torntv V9.0-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\Torntv V9.0-firefoxinstaller
File Deleted : C:\Windows\Tasks\Torntv V9.0-updater.job
File Deleted : C:\Windows\System32\Tasks\Torntv V9.0-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acfoobbgoakpihljnfedbcfaipcdlfhk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23ED98A4-97DA-4052-85B6-57328EAEC28A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23ED98A4-97DA-4052-85B6-57328EAEC28A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6124CDBF-7561-4492-B1FE-1FDCF3FC9CF1}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6124CDBF-7561-4492-B1FE-1FDCF3FC9CF1}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{316DACA3-38E7-4DA4-B769-68CC50C27E8F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0278C14D-7F00-4079-BC17-2361242B4FDD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0278C14D-7F00-4079-BC17-2361242B4FDD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22C7E6A2-6DCE-4BA9-B2AD-5B3A39E0CC56}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C7E6A2-6DCE-4BA9-B2AD-5B3A39E0CC56}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC171CCD-5FEA-4416-BBDA-2D83338495EB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC171CCD-5FEA-4416-BBDA-2D83338495EB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16F98B3F-0272-4520-A51F-6CFCF9BC6ACA}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16F98B3F-0272-4520-A51F-6CFCF9BC6ACA}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0ECE756A-66E8-488A-8303-85083963923B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ECE756A-66E8-488A-8303-85083963923B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4CC15FBA-46A4-4CB5-BFAF-F2335365AE76}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8322EB6E-B594-41F6-A30B-CF3F800E1874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{139332be-c543-496b-9601-baa87335a8ba}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29efaf3d-be25-45a4-9aa3-7983129454cc}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3eb64985-fac7-4fdd-bca8-23d0f5ad3d95}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5b3cd634-86e8-4c7d-9979-9881bc0ae2db}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b0850bfa-0072-4b71-90d3-2e4ac0ff0c25}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dd2d3955-ce98-4f1b-8b84-39ad95668f77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e3516083-2083-496f-a568-9c50e99d372c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5bbf3ef-2e2b-4c90-802c-f916ea47ad49}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{500A3BCA-1C5A-44C6-B27B-B6AA82A9C356}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D2B2B4-5ED6-48AD-8E6D-BB7487898490}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE46C25B-96F4-4CD5-9F47-229183D7927C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7586BB2-A6E0-4C65-BE58-4B23FAAFB348}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{828DC97A-2277-4E10-92A9-4907FA0922A9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\buenosearch LTD
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Torntv V9.0
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\buenosearch LTD
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\Torntv V9.0
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V9.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\prefs.js ]

Line Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376915082934,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376915082763,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1750559&CUI=UN87826578210900287&UM=1&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT1750559");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BS Player ControlBar Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&CUI=UN87826578210900287&UM=1&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=113DC2D8-0DED-47B9-9271-4873C73F8A07&n=77fd802b&p2=^AW7^xdm055^YYA^cz&si=YO_SAF_INTL_CZE_53");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationTime", 1393317204);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390_dbWasSet", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390_dbWasSet_FF25_FIX", true[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.active", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbar", "NA");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb.was_copied", "true");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb.was_copied", "true");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.backgroundver", 4);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.changeprevious", false);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.value", "%221393317204%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001062%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie._GPL_aoi.value", "%221395239944%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie._GPL_parent_zoneid.value", "%22530583%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.value", "%222014-3-19%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cm_page_views.expiration", "Mon Apr 21 2014 13:48:56 GMT+0200");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cm_page_views.value", "31");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.value", "%22CZ%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.value", "%221%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.value", "%222014-2-25%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.jw_token.value", "%226d93b6e6-0998-07b5-ecbe-cdd411752809%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.partner_is_not_installed.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.partner_is_not_installed.value", "true");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.partner_last_seen.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.partner_last_seen.value", "1395134038176");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22hxxps%3A//extclickmedia-maynemyltf.netdna-ssl.com/Extensions/analyti[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.description", "The must-have App extensions for Television fans! Watch free TV channels, live spor[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.domain", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.enablesearch", false);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.homepage", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.iframe", false);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2296A51B865B42468BBA92E8FA3C9F2[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001062%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001062%22%2C%22sub_id%22%3A%220%2[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2296A51B865B42468BBA92[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.value", "42");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.value", "2");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.expiration", "Sun Apr 20 2014 19:55:58 GMT+0200");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.value", "%22ff%22");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%2296A51B86[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.value", "null");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastDailyReport", "1397994955887");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastUpdate", "1397994954569");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.manifesturl", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.newtab", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.opensearch", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsurl", "hxxp://js.clientdemocloud.com/plugin/apps/51390/plugins/094/ff/plugins.json");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsversion", 37);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.publisher", "installdaddy");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.searchstatus", 0);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.setnewtab", false);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.thankyou", "");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.updateinterval", 360);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.ver", 42);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.FilesValidatorDueTime", "1397995013833");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.apps", "51390");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.bic", "144682f9fa3fd6c6522b8b7c08c92b28");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.cid", 51390);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.firstrun", false);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.hadappinstalled", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.installationdate", 1393317355);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.modetype", "production");
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.reportInstall", true);
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.statsDailyCounter", 103);
Line Deleted : user_pref("extensions.crossrider.bic", "144682f9fa3fd6c6522b8b7c08c92b28");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.BUTTON_STRUCTURE", "[{\"b\":221337215,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221337216,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.savedPrev", "true");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.tb", "Ask Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.savedPrev", "true");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.tb", "Ask Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.prev", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.savedPrev", "true");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=113DC2D8-0DED-47B9-9271-4873C73F8A07&n=77fd802b&p2=^AW7^xdm055^YYA^cz&si=YO_SA[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.savedPrev", 1);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.tb", 1);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.firstKnownVersion", "5.71.2.61854");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=113DC2D8-0DED-47B9-9271-4873C73F8A07&n=77fd802b&p2=^AW7^xdm055^YYA^cz&si=YO_SAF_INTL_CZE_53");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.lastGuardTime", 88827644);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.numGuards", 1);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.installDate", "2013102123");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerId", "^AW7^xdm055^YYA^cz");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerSubId", "YO_SAF_INTL_CZE_53");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.toolbarId", "113DC2D8-0DED-47B9-9271-4873C73F8A07");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.isCompliantUninstallImplementation", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastActivePing", "1397994956561");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastKnownVersion", "6.33.3.53560");
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.searchHistory", "valetino:the last emperor||Sazba pro zdravotní pojiatní\r\n\r\nPojistné na zdravotní pojiatní OSV je 13,5 % z vymYovacího zákla[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.toolbarCollapsed", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "safepcrepair@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "safepcrepair@mindspark.com");
Line Deleted : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=113DC2D8-0DED-47B9-9271-4873C73F8A07&n=77fd802b&ind=2013102123&p2=^AW7^xdm055^YYA^cz&si=YO_SAF_INTL_CZE_53&searchfor="[...]
Line Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3220468");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT1750559");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT1750559&CUI=UN87826578210900287&UM=1&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT1750559");
Line Deleted : user_pref("smartbar.machineId", "P1VTWBOJWPUMHOJTT5SSI2WPVNULK3LD2DU6VTLC0DAENAKDJBXLDCUHIUFKNALCOE5HYZDM0/KDGCFKZQKTSW");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "");

*************************

AdwCleaner[R0].txt - [57602 octets] - [20/04/2014 14:57:52]
AdwCleaner[S0].txt - [52954 octets] - [20/04/2014 15:01:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53015 octets] ##########

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 17:53
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Program Files\GrabRez
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {186f068c-533b-11e3-a104-f0bf978d0915} - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {1f754777-393d-11e2-a10a-f0bf978d0915} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {3205294e-7208-11e2-8426-90004ed7a618} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {b0389aee-89ac-11e2-b74d-f0bf978d0915} - E:\setup.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {d9c52ceb-3226-11e2-9aa4-f0bf978d0915} - F:\Autorun.exe
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AAA889C-4B45-4F35-889D-C65571E79FB3} URL = http://services.zinio.com/search?s={sea ... sonyslices
SearchScopes: HKCU - {D7D808DE-7E92-4875-9BF8-FF39837E22B0} URL = http://rover.ebay.com/rover/1/14361-113 ... 4?satitle={searchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
BHO: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll No File
BHO: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
C:\Program Files\SafePCRepair_89\bar
C:\Program Files\Microsoft\BingBar
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezBHO.dll (GrabRez)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @SafePCRepair_89.com/Plugin - C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll No File
FF Extension: SafePCRepair - C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-04-20]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
C:\Windows\Tasks\pricemeterwatcher.job
C:\Windows\Tasks\pricemetertask.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
C:\Windows\Tasks\PriceMeterUpdater.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job
C:\Users\Ver4a\AppData\Local\Temp
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\pricemetertask.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
Task: C:\Windows\Tasks\PriceMeterUpdater.job => C:\Users\Ver4a\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\pricemeterwatcher.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair Search Scope Monitor
"C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair_89 Browser Plugin Loader
C:\PROGRA~1\SAFEPC~2\bar\1.bin\89brmon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE zipperformer
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 19:06
od hanybany
proved jsem dle instrukcí. NB se jeví více zpomaleně než před touto akcí

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-04-2014
Ran by Ver4a at 2014-04-20 19:59:23 Run:1
Running from C:\Users\Ver4a\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Program Files\GrabRez
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {186f068c-533b-11e3-a104-f0bf978d0915} - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {1f754777-393d-11e2-a10a-f0bf978d0915} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {3205294e-7208-11e2-8426-90004ed7a618} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {b0389aee-89ac-11e2-b74d-f0bf978d0915} - E:\setup.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {d9c52ceb-3226-11e2-9aa4-f0bf978d0915} - F:\Autorun.exe
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AAA889C-4B45-4F35-889D-C65571E79FB3} URL = http://services.zinio.com/search?s={sea ... sonyslices
SearchScopes: HKCU - {D7D808DE-7E92-4875-9BF8-FF39837E22B0} URL = http://rover.ebay.com/rover/1/14361-113 ... 4?satitle={searchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
BHO: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll No File
BHO: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll No File
C:\Program Files\SafePCRepair_89\bar
C:\Program Files\Microsoft\BingBar
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezBHO.dll (GrabRez)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @SafePCRepair_89.com/Plugin - C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll No File
FF Extension: SafePCRepair - C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-04-20]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
C:\Windows\Tasks\pricemeterwatcher.job
C:\Windows\Tasks\pricemetertask.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
C:\Windows\Tasks\PriceMeterUpdater.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job
C:\Users\Ver4a\AppData\Local\Temp
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job => C:\Users\Ver4a\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
Task: C:\Windows\Tasks\pricemetertask.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
Task: C:\Windows\Tasks\PriceMeterUpdater.job => C:\Users\Ver4a\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\pricemeterwatcher.job => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair Search Scope Monitor
"C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafePCRepair_89 Browser Plugin Loader
C:\PROGRA~1\SAFEPC~2\bar\1.bin\89brmon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE zipperformer
End
*****************


"C:\Program Files\GrabRez" directory move:

C:\Program Files\GrabRez\0 => Moved successfully.
C:\Program Files\GrabRez\7za.exe => Moved successfully.
C:\Program Files\GrabRez\GrabRez.ico => Moved successfully.
C:\Program Files\GrabRez\GrabRezBHO.dll => Moved successfully.
C:\Program Files\GrabRez\GrabRezUninstall.exe => Moved successfully.
C:\Program Files\GrabRez\updateGrabRez.exe => Moved successfully.
C:\Program Files\GrabRez\updateGrabRez.InstallState => Moved successfully.
C:\Program Files\GrabRez\bin\7za.exe => Moved successfully.
C:\Program Files\GrabRez\bin\BrowserAdapterS.7z => Moved successfully.
C:\Program Files\GrabRez\bin\FilterApp_C.exe => Moved successfully.
C:\Program Files\GrabRez\bin\GrabRez.BrowserAdapter.exe => Moved successfully.
C:\Program Files\GrabRez\bin\GrabRezBAApp.dll => Moved successfully.
C:\Program Files\GrabRez\bin\sqlite3.dll => Moved successfully.
C:\Program Files\GrabRez\bin\tmpB7E5.tmp => Moved successfully.
C:\Program Files\GrabRez\bin\utilGrabRez.exe => Moved successfully.
C:\Program Files\GrabRez\bin\utilGrabRez.InstallState => Moved successfully.
C:\Program Files\GrabRez\bin\{0602868e-3e6e-4d93-81e8-5b2290f620ba}.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.Bromon.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.BrowserAdapterS.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.CompatibilityChecker.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.FFUpdate.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.IEUpdate.dll => Moved successfully.
C:\Program Files\GrabRez\bin\plugins\GrabRez.PurBrowseG.dll => Moved successfully.
Could not move "C:\Program Files\GrabRez" directory. => Scheduled to move on reboot.

HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-85045441-3859974231-1480163339-1001 => Key deleted successfully.
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{186f068c-533b-11e3-a104-f0bf978d0915} => Key deleted successfully.
HKCR\CLSID\{186f068c-533b-11e3-a104-f0bf978d0915} => Key deleted successfully.
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f754777-393d-11e2-a10a-f0bf978d0915} => Key deleted successfully.
HKCR\CLSID\{1f754777-393d-11e2-a10a-f0bf978d0915} => Key deleted successfully.
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3205294e-7208-11e2-8426-90004ed7a618} => Key deleted successfully.
HKCR\CLSID\{3205294e-7208-11e2-8426-90004ed7a618} => Key deleted successfully.
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0389aee-89ac-11e2-b74d-f0bf978d0915} => Key deleted successfully.
HKCR\CLSID\{b0389aee-89ac-11e2-b74d-f0bf978d0915} => Key deleted successfully.
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9c52ceb-3226-11e2-9aa4-f0bf978d0915} => Key deleted successfully.
HKCR\CLSID\{d9c52ceb-3226-11e2-9aa4-f0bf978d0915} => Key deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{be823b8c-a7ec-4078-a321-0f8046cbb48a} => Value deleted successfully.
HKCR\CLSID\{be823b8c-a7ec-4078-a321-0f8046cbb48a} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AAA889C-4B45-4F35-889D-C65571E79FB3} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0AAA889C-4B45-4F35-889D-C65571E79FB3} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D7D808DE-7E92-4875-9BF8-FF39837E22B0} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D7D808DE-7E92-4875-9BF8-FF39837E22B0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key deleted successfully.
C:\Program Files\McAfee Security Scan => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fc509df-4b29-4ab3-96e6-47c178d60287} => Key deleted successfully.
HKCR\CLSID\{1fc509df-4b29-4ab3-96e6-47c178d60287} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9} => Key deleted successfully.
HKCR\CLSID\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9} => Key deleted successfully.
"C:\Program Files\SafePCRepair_89\bar" => File/Directory not found.
C:\Program Files\Microsoft\BingBar => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
C:\Program Files\Skype\Toolbars => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} => Key deleted successfully.
HKCR\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => Value deleted successfully.
HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} => Value deleted successfully.
HKCR\CLSID\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} => Key deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key deleted successfully.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\MozillaPlugins\@SafePCRepair_89.com/Plugin => Key deleted successfully.
C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll not found.
C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default\Extensions\89ffxtbr@SafePCRepair_89.com => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\pricemeterwatcher.job => Moved successfully.
C:\Windows\Tasks\pricemetertask.job => Moved successfully.
"C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job" => File/Directory not found.
"C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job" => File/Directory not found.
C:\Windows\Tasks\PriceMeterUpdater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job => Moved successfully.

"C:\Users\Ver4a\AppData\Local\Temp" directory move:

C:\Users\Ver4a\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Ver4a\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Ver4a\AppData\Local\Temp\JRT.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\log3 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\modules00 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\modules11 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\preferences => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\toolbar_log.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7223.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7281.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7282.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7283.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7284.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7C26.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7C46.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7C47.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7C48.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt7C49.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt9ECD.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt9EDE.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt9EDF.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt9EE0.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\utt9F10.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\uttA7B8.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\uttA869.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\uttA95F.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\uttA9ED.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\uttA9EE.tmp => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\~B654.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\~B654.tmp => Moved successfully.
Could not move "C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\Cookies" => Scheduled to move on reboot.
Could not move "C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\Cookies-journal" => Scheduled to move on reboot.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\data_0 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\data_1 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\data_2 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\data_3 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\f_000001 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\f_000002 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\f_000003 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\f_000004 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\f_000005 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\index => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\Cookies => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\Cookies-journal => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\data_0 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\data_1 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\data_2 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\data_3 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\f_000001 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\f_000002 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\f_000003 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\f_000004 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\f_000005 => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir4424_3151\index => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\OICE_2D5C4FCB-EF55-4C3F-9448-449AA9FD97B4.0\EA115E4C. not found.
C:\Users\Ver4a\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\APPID_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\APPID_files.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\appinit64_null.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\appinit_null.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\APPPATHS.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\APPROVEDEXTENSIONS_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\ask.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askCLSID.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askregkey_x64.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askregkey_x86.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askregvalue_x64.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askregvalue_x86.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\askservices.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badAPPINIT.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badFOLDERS.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badFOLDERScom.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badFOLDERSstart.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badLNK.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\badvalues.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\BHO_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\BHO_name.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\browsermngr_keys.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\browsermngr_values.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHOICE.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\chrome.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHRregkey_x64.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHRregkey_x86.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHR_extensions.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHR_open_x64.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CHR_open_x86.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\clean_shortcut.vbs => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CLSID_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\currentmd5.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\CUT.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\datamngr_del.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\defaultscope.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\delfolders.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\delorphans.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\ELEVATIONPOLICY_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\ev_clear.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\EXT.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFbrowsermngr.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFextensions.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFpluginREG.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFplugins.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFprefs.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFregkey_x64.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFregkey_x86.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFwhtlist.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFXML.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FFXPI.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FF_open_x64.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FF_open_x86.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\firefox.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FWCLSID.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\FWPolicy.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\get.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\IEwhtlst.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\iexplore.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\IE_open_x64.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\IE_open_x86.reg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\IFEO.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\INTERFACE_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\JRT.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\medfos.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\MENUEXT.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\misc.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\modules.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\modules.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\moduleservices.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\newmd5.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\NIRCMD.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\NOTIFY.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\PREAPPROVED_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\prelim.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\PRODUCTS.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhcr.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhkcu_and_hklm_allow.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhkcu_and_hklm_software.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhkcu_software_appdatalow.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhkcu_software_microsoft.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGhklm_software_classes.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\REGISTRYUSERSID.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\runvalues.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\runvalues_x64.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\runvalues_x86.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\S1518COMPONENTS.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\searchlnk.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\SED.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\sednewline.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\services.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\serviceseventlog.cfg => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\SETTINGS_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\SHORTCUT.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\STATS_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\TDL4.bat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\TRACING.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\TYPELIB_clsid.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\UNINSTALL.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\UpgradeCodes.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\WGET.DAT => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\WOW6432NODE.dat => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\temp\null.txt => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERDNT.E_E => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERDNTDOS.LOC => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERDNTWIN.LOC => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERUNT.EXE => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\ERUNT.LOC => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\jrt\erunt\README.TXT => Moved successfully.
Could not move "C:\Users\Ver4a\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\pricemetertask.job not found.
C:\Windows\Tasks\PriceMeterUpdater.job not found.
C:\Windows\Tasks\pricemeterwatcher.job not found.
"C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe /m=2 /w /h [x]" => File/Directory not found.
"C:\PROGRA~1\SAFEPC~2\bar\1.bin\89brmon.exe [x]" => File/Directory not found.
"C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE zipperformer" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-20 20:02:14)<=

C:\Program Files\GrabRez => Moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\Cookies => Is moved successfully.
C:\Users\Ver4a\AppData\Local\Temp\scoped_dir6124_22042\Cookies-journal => Is moved successfully.
C:\Users\Ver4a\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 19:37
od Rudy
Smazáno. Nastala nějaká změna?

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 20:15
od hanybany
před tímto smazáním to bylo celkem OK, ale po tomto smazaní system startuje pomaleji a celkově vše trvá poměrně dlouho než něco naběhne :/ co stím?

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 20:54
od Rudy
Byly mázány pouze AdWary a zbytečnosti. Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 21:00
od hanybany
OK jdu na to jen malá technická když přejdu na bod obnovení před smazaním nezůstane tam i ta havěť?

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 21:44
od hanybany
obnova hotova...změna nic moc :/ procistil jsem znova adw cleanerem a JRT a udělal log prosím ještě o kontrolu zda to je v pořádku. Moc děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2014 02
Ran by Ver4a (administrator) on VER4A-VAIO on 20-04-2014 22:39:18
Running from C:\Users\Ver4a\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PasswordBox, Inc.) C:\Program Files\PasswordBox\pbbtnService.exe
(Sony Corporation) c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(COMPANYVERS_NAME) C:\Program Files\SafePCRepair_89\bar\1.bin\89barsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
() C:\Program Files\GrabRez\updateGrabRez.exe
() C:\Program Files\GrabRez\bin\utilGrabRez.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(PriceMeter) C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
() C:\Program Files\GrabRez\bin\FilterApp_C.exe
() C:\Program Files\GrabRez\bin\GrabRez.BrowserAdapter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(PriceMeter) C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeter.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-11-01] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2010-11-01] (Synaptics Incorporated)
HKLM\...\Run: [PMBVolumeWatcher] => c:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [1022352 2012-09-04] (BitTorrent, Inc.)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\Run: [PriceMeterW] => C:\Users\Ver4a\AppData\Local\PriceMeter\pricemeterw.exe [309768 2014-03-13] (PriceMeter)
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {186f068c-533b-11e3-a104-f0bf978d0915} - F:\LaunchU3.exe -a
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {1f754777-393d-11e2-a10a-f0bf978d0915} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {3205294e-7208-11e2-8426-90004ed7a618} - F:\Autorun.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {b0389aee-89ac-11e2-b74d-f0bf978d0915} - E:\setup.exe
HKU\S-1-5-21-85045441-3859974231-1480163339-1001\...\MountPoints2: {d9c52ceb-3226-11e2-9aa4-f0bf978d0915} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5199
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AAA889C-4B45-4F35-889D-C65571E79FB3} URL = http://services.zinio.com/search?s={sea ... sonyslices
SearchScopes: HKCU - {50813CE3-DE06-4038-BFF7-D7A3B00D31D3} URL = http://search.conduit.com/ResultsExt.as ... =CT3220468
SearchScopes: HKCU - {D7D808DE-7E92-4875-9BF8-FF39837E22B0} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
BHO: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll (MindSpark)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (Radiocom CJSC)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezBHO.dll (GrabRez)
BHO: buenosearch Helper Object - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll (Montiera Technologies LTD)
BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
Toolbar: HKLM - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll (Montiera Technologies LTD)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0F9FD977-63B0-43C5-9626-B7A7C2080744}: [NameServer]
Tcpip\..\Interfaces\{3811ACE0-8FA2-FB76-B150-F42917A9776E}: [NameServer]93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{5E142FD9-AAA9-448D-A0F3-83E0058B46CE}: [NameServer]
Tcpip\..\Interfaces\{80496C92-D6E3-4BF8-83BF-23E360EFE280}: [NameServer]93.153.117.1 93.153.117.33

FireFox:
========
FF ProfilePath: C:\Users\Ver4a\AppData\Roaming\Mozilla\Firefox\Profiles\wavbsgy3.default
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrI ... 3&tsp=5199
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @richmediaplayer.com/nppluginrichmediaplayer - C:\Program Files\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll ()
FF Plugin: @SafePCRepair_89.com/Plugin - C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll (MindSpark)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 - C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll (PriceMeter)
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 - C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll (PriceMeter)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Ver4a\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-17]
FF HKLM\...\Firefox\Extensions: [{3DF4B26D-DB19-45DF-962A-6719D071245B}] - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF Extension: Rich Media Player extension - C:\Users\Ver4a\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B} [2013-08-19]
FF HKLM\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files\PasswordBox\Firefox [2013-11-22]

========================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [284160 2011-01-06] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S3 ioloService; C:\Program Files\SafePCRepair\ioloToolService.exe [2625800 2013-04-05] (iolo technologies, LLC)
R2 MbnExt; C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
S2 pricemeterliveUpdate; C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504 2014-03-27] (PriceMeter)
S3 pricemeterliveUpdatem; C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504 2014-03-27] (PriceMeter)
R2 SafePCRepair_89Service; C:\Program Files\SafePCRepair_89\bar\1.bin\89barsvc.exe [44752 2013-10-21] (COMPANYVERS_NAME)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [189048 2011-01-29] (Sony Corporation)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-11-09] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-11-02] (TuneUp Software)
R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Update GrabRez; C:\Program Files\GrabRez\updateGrabRez.exe [350488 2014-04-18] ()
R2 Util GrabRez; C:\Program Files\GrabRez\bin\utilGrabRez.exe [350488 2014-04-17] ()
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [64704 2011-03-05] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [546608 2011-02-18] (Sony Corporation)
S3 VcmINSMgr; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [385336 2011-02-18] (Sony Corporation)
R3 VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [44736 2011-02-14] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [772800 2011-02-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [957056 2012-10-26] (Sony Corporation)
S2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [64128 2011-02-17] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [32384 2011-02-17] (Advanced Micro Devices)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17408 2009-05-26] (ArcSoft, Inc.)
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44784 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [102416 2011-02-15] (ATI Technologies, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-23] (AVG Technologies)
S3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [297000 2010-11-01] (Broadcom Corporation.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-02-25] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 22:37 - 2014-04-20 22:37 - 01044480 _____ (Farbar) C:\Users\Ver4a\Desktop\FRST.exe
2014-04-20 22:22 - 2014-04-20 22:22 - 01037278 _____ () C:\Users\Ver4a\Desktop\adwcleaner.exe
2014-04-20 22:21 - 2014-04-20 22:21 - 01032220 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT.exe
2014-04-20 22:17 - 2014-04-20 22:17 - 00000000 _____ () C:\Users\Ver4a\daemonprocess.txt
2014-04-20 22:16 - 2014-04-20 22:16 - 00002039 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-20 22:15 - 2014-04-20 22:15 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-20 15:43 - 2014-04-20 15:44 - 00035763 _____ () C:\Users\Ver4a\Desktop\Addition.txt
2014-04-20 15:42 - 2014-04-20 22:39 - 00020473 _____ () C:\Users\Ver4a\Desktop\FRST.txt
2014-04-20 15:41 - 2014-04-20 22:39 - 00000000 ____D () C:\FRST
2014-04-20 15:23 - 2014-04-20 15:23 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 15:22 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT_NEW.exe
2014-04-20 14:56 - 2014-04-20 22:32 - 00000000 ____D () C:\AdwCleaner
2014-04-09 17:50 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:50 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:50 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:50 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 17:50 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 17:50 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 17:50 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-02 17:29 - 2014-04-02 17:29 - 00034534 _____ () C:\Users\Ver4a\Downloads\2. část BP_Pátková.sxw
2014-03-29 16:46 - 2014-03-29 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 16:30 - 2014-03-29 16:30 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-03-29 16:30 - 2014-03-29 16:30 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-03-27 23:46 - 2014-03-31 15:46 - 00000084 _____ () C:\Users\Ver4a\AppData\Roaming\WB.CFG
2014-03-27 22:46 - 2014-04-20 22:33 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-03-27 22:46 - 2014-04-20 22:15 - 00000000 ____D () C:\Program Files\PriceMeterLiveUpdate
2014-03-27 22:46 - 2014-04-20 22:13 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\PriceMeterUpdater
2014-03-27 22:46 - 2014-04-20 22:13 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\buenosearch LTD
2014-03-27 22:46 - 2014-04-20 22:12 - 00000000 ____D () C:\Program Files\buenosearch LTD
2014-03-27 22:46 - 2014-04-20 10:51 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-03-27 22:46 - 2014-04-20 10:47 - 00000292 _____ () C:\Windows\Tasks\PriceMeterUpdater.job
2014-03-27 22:46 - 2014-03-27 22:51 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\PriceMeter
2014-03-27 22:46 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter

==================== One Month Modified Files and Folders =======

2014-04-20 22:39 - 2014-04-20 15:42 - 00020473 _____ () C:\Users\Ver4a\Desktop\FRST.txt
2014-04-20 22:39 - 2014-04-20 15:41 - 00000000 ____D () C:\FRST
2014-04-20 22:39 - 2012-02-22 20:35 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\uTorrent
2014-04-20 22:37 - 2014-04-20 22:37 - 01044480 _____ (Farbar) C:\Users\Ver4a\Desktop\FRST.exe
2014-04-20 22:37 - 2011-09-10 19:49 - 01451235 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 22:34 - 2014-02-25 10:34 - 00001494 _____ () C:\Windows\Tasks\Torntv V9.0-updater.job
2014-04-20 22:34 - 2014-02-25 10:33 - 00003080 _____ () C:\Windows\Tasks\Torntv V9.0-chromeinstaller.job
2014-04-20 22:34 - 2014-02-25 10:33 - 00002398 _____ () C:\Windows\Tasks\Torntv V9.0-firefoxinstaller.job
2014-04-20 22:34 - 2009-07-14 04:04 - 00000678 _____ () C:\Windows\win.ini
2014-04-20 22:33 - 2014-03-27 22:46 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-04-20 22:33 - 2014-02-25 10:34 - 00001438 _____ () C:\Windows\Tasks\Torntv V9.0-codedownloader.job
2014-04-20 22:33 - 2014-02-25 10:34 - 00001328 _____ () C:\Windows\Tasks\Torntv V9.0-enabler.job
2014-04-20 22:33 - 2014-02-20 14:28 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-20 22:33 - 2014-02-09 12:52 - 00007062 _____ () C:\Windows\setupact.log
2014-04-20 22:33 - 2012-03-17 09:43 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 22:33 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 22:32 - 2014-04-20 14:56 - 00000000 ____D () C:\AdwCleaner
2014-04-20 22:32 - 2009-07-14 06:34 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 22:32 - 2009-07-14 06:34 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 22:28 - 2014-02-25 10:37 - 00000000 ____D () C:\Program Files\Mobogenie
2014-04-20 22:25 - 2012-04-11 10:15 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001UA.job
2014-04-20 22:22 - 2014-04-20 22:22 - 01037278 _____ () C:\Users\Ver4a\Desktop\adwcleaner.exe
2014-04-20 22:21 - 2014-04-20 22:21 - 01032220 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT.exe
2014-04-20 22:18 - 2014-02-25 10:38 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\newnext.me
2014-04-20 22:17 - 2014-04-20 22:17 - 00000000 _____ () C:\Users\Ver4a\daemonprocess.txt
2014-04-20 22:17 - 2014-02-25 10:38 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\Mobogenie
2014-04-20 22:17 - 2011-09-10 20:27 - 00000000 ____D () C:\Users\Ver4a
2014-04-20 22:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-04-20 22:16 - 2014-04-20 22:16 - 00002039 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-20 22:16 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-04-20 22:15 - 2014-04-20 22:15 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-20 22:15 - 2014-03-27 22:46 - 00000000 ____D () C:\Program Files\PriceMeterLiveUpdate
2014-04-20 22:15 - 2014-02-25 10:33 - 00000000 ____D () C:\Program Files\Torntv V9.0
2014-04-20 22:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-20 22:13 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\PriceMeterUpdater
2014-04-20 22:13 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\buenosearch LTD
2014-04-20 22:13 - 2014-02-25 10:38 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\genienext
2014-04-20 22:13 - 2014-02-25 10:37 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-04-20 22:13 - 2013-12-15 14:22 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\playnowradio
2014-04-20 22:13 - 2013-10-21 20:59 - 00000000 ____D () C:\Program Files\SafePCRepair
2014-04-20 22:13 - 2013-10-21 20:58 - 00000000 ____D () C:\Program Files\SafePCRepair_89
2014-04-20 22:13 - 2013-08-19 14:31 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-04-20 22:13 - 2013-05-05 10:38 - 00000000 ___RD () C:\Program Files\Skype
2014-04-20 22:13 - 2012-08-11 20:19 - 00000000 ____D () C:\Users\Veronica
2014-04-20 22:13 - 2011-09-10 19:54 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-20 22:12 - 2014-03-27 22:46 - 00000000 ____D () C:\Program Files\buenosearch LTD
2014-04-20 22:12 - 2014-02-25 10:34 - 00000000 ____D () C:\Program Files\GrabRez
2014-04-20 22:12 - 2013-08-19 14:31 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-04-20 22:12 - 2013-01-25 18:53 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-20 22:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-20 15:44 - 2014-04-20 15:43 - 00035763 _____ () C:\Users\Ver4a\Desktop\Addition.txt
2014-04-20 15:23 - 2014-04-20 15:23 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 14:45 - 2013-01-26 19:26 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\CrashDumps
2014-04-20 11:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-20 10:54 - 2013-01-25 18:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 10:51 - 2014-03-27 22:46 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-04-20 10:50 - 2012-03-17 09:43 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 10:47 - 2014-03-27 22:46 - 00000292 _____ () C:\Windows\Tasks\PriceMeterUpdater.job
2014-04-20 09:55 - 2012-11-03 14:41 - 00000000 ____D () C:\Users\Ver4a\Desktop\na vyvolání
2014-04-18 13:25 - 2012-04-11 10:15 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-85045441-3859974231-1480163339-1001Core.job
2014-04-17 12:41 - 2009-07-14 06:53 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-13 14:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-12 18:20 - 2010-11-20 23:01 - 01586106 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 22:17 - 2011-11-14 13:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 12:23 - 2012-03-14 12:02 - 00754588 _____ () C:\test.xml
2014-04-06 17:38 - 2013-11-22 08:01 - 00000000 ____D () C:\Program Files\PasswordBox
2014-04-06 08:36 - 2014-04-20 15:22 - 01016261 _____ (Thisisu) C:\Users\Ver4a\Desktop\JRT_NEW.exe
2014-04-02 17:29 - 2014-04-02 17:29 - 00034534 _____ () C:\Users\Ver4a\Downloads\2. část BP_Pátková.sxw
2014-03-31 15:46 - 2014-03-27 23:46 - 00000084 _____ () C:\Users\Ver4a\AppData\Roaming\WB.CFG
2014-03-31 09:35 - 2012-02-13 21:49 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 02:13 - 2014-04-09 17:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 17:50 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-30 16:34 - 2012-08-11 18:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 16:46 - 2014-03-29 16:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 16:30 - 2014-03-29 16:30 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-03-29 16:30 - 2014-03-29 16:30 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-03-28 11:13 - 2014-02-25 18:03 - 00005120 _____ () C:\Windows\PFRO.log
2014-03-27 22:51 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Local\PriceMeter
2014-03-27 22:46 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\Ver4a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-03-23 18:51 - 2013-08-19 14:32 - 00042272 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-03-23 18:51 - 2013-08-19 14:31 - 00003749 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml

Some content of TEMP:
====================
C:\Users\Ver4a\AppData\Local\Temp\Quarantine.exe
C:\Users\Ver4a\AppData\Local\Temp\setup__6272.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 15:32

==================== End Of Log ============================

Re: Zasekaný NB- prosim o kontrolu logu

Napsal: 20 dub 2014 21:45
od Rudy
Log je OK.