Kontrola logu,díky

Zpráva

JankoB · #1 Příspěvek od **JankoB** » 16 kvě 2014 08:15

Logfile of random's system information tool 1.09 (written by random/random)
Run by Monika 1 at 2014-05-16 09:13:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 111 GB (47%) free of 236 GB
Total RAM: 4010 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:49, on 16.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Users\Monika 1\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Polar\WebSync\WebSync.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Monika 1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll
O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: privitize Toolbar - {1C46A0DD-D53E-46C4-A435-CA11103E255E} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Monika 1\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Monika 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Pokki] C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Monika 1\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-21-2234519877-4043553204-3602242062-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2234519877-4043553204-3602242062-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O4 - Global Startup: Polar WebSync.lnk = C:\Program Files (x86)\Polar\WebSync\WebSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13968 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
taskeng.exe {4F481525-AE0C-4F12-A98E-FB63F055D783}
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Polar\Daemon\polard.exe"
"C:\Users\Monika 1\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe "-2027741783-5945460692919938156798403658419762941476766899741474192003822589
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Polar\WebSync\WebSync.exe" -normal
"C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
taskeng.exe {47F261B3-A94A-4B51-AC63-52876E30627B}
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/BlueOnWhite/Prefetch/ContentPrefetchPrefetchOn/Prerender/Prerender15minTTL/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="1688.2.1743864264\1167766698" /prefetch:3
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5804
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Users\Monika 1\Downloads\RSITx64(1).exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Norton Security Scan for Monika 1.job
C:\windows\tasks\RMAutoUpdate.job
C:\windows\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://searchou.com/?q={searchTerms}&id ... c&affilt=5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\searchplugins\
privitize.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-14 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-01 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-14 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]
hosts - C:\Program Files (x86)\hosts\hosts-bho.dll [2013-07-01 748032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}]
privitize Helper Object - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll [2013-05-21 299928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-22 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-01 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-22 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{1C46A0DD-D53E-46C4-A435-CA11103E255E} - privitize Toolbar - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll [2013-05-21 288152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Monika 1\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Monika 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Pokki"=C:\Users\Monika 1\AppData\Local\Pokki\Engine\Launcher.dll [2013-11-01 1240344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\Monika 1\AppData\Local\Pokki\Engine\pokki.exe [2013-11-01 8252744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-27 42536]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-08-21 105120]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-01 3873704]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
Polar WebSync.lnk - C:\Program Files (x86)\Polar\WebSync\WebSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-05-09 22:16:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-04 07:39:55 ----A---- C:\windows\system32\mshtml.dll
2014-05-04 07:39:52 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-05-04 07:39:25 ----SD---- C:\windows\system32\CompatTel
2014-05-01 16:54:51 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-05-01 16:54:42 ----A---- C:\windows\avastSS.scr
2014-04-30 09:02:29 ----A---- C:\windows\system32\aepdu.dll
2014-04-30 09:02:28 ----A---- C:\windows\system32\aeinv.dll
2014-04-19 16:24:17 ----A---- C:\windows\system32\ieui.dll
2014-04-19 16:24:16 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-04-19 16:24:07 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-04-19 16:24:07 ----A---- C:\windows\system32\vbscript.dll
2014-04-19 16:23:46 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-19 16:23:46 ----A---- C:\windows\system32\iernonce.dll
2014-04-19 16:23:46 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-04-19 16:23:46 ----A---- C:\windows\system32\ie4uinit.exe
2014-04-19 16:23:41 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-04-19 16:23:41 ----A---- C:\windows\system32\jscript9diag.dll
2014-04-19 16:23:40 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-04-19 16:23:40 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-04-19 16:23:40 ----A---- C:\windows\system32\dxtrans.dll
2014-04-19 16:23:40 ----A---- C:\windows\system32\dxtmsft.dll
2014-04-19 16:23:39 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-04-19 16:23:39 ----A---- C:\windows\system32\msrating.dll
2014-04-19 16:23:39 ----A---- C:\windows\system32\msfeeds.dll
2014-04-19 16:23:39 ----A---- C:\windows\system32\jsproxy.dll
2014-04-19 16:23:38 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-04-19 16:23:36 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-04-19 16:23:36 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-04-19 16:23:36 ----A---- C:\windows\system32\ieUnatt.exe
2014-04-19 16:23:36 ----A---- C:\windows\system32\iesetup.dll
2014-04-19 16:23:35 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-04-19 16:23:33 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-19 16:23:26 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-04-19 16:23:26 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-04-19 16:23:25 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-04-19 16:23:25 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-04-19 16:23:25 ----A---- C:\windows\system32\ieapfltr.dll
2014-04-19 16:23:24 ----A---- C:\windows\system32\ieetwcollector.exe
2014-04-19 16:23:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-19 16:23:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-04-19 16:23:18 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-04-19 16:23:18 ----A---- C:\windows\system32\iertutil.dll
2014-04-19 16:23:16 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-04-19 16:23:16 ----A---- C:\windows\system32\wininet.dll
2014-04-19 16:23:15 ----A---- C:\windows\system32\urlmon.dll
2014-04-19 16:23:11 ----A---- C:\windows\system32\ieframe.dll
2014-04-19 16:23:09 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-04-19 16:23:04 ----A---- C:\windows\system32\jscript9.dll
2014-04-19 16:23:03 ----A---- C:\windows\SYSWOW64\jscript9.dll

======List of files/folders modified in the last 1 month======

2014-05-16 09:13:49 ----D---- C:\windows\temp
2014-05-16 09:13:48 ----D---- C:\Program Files\trend micro
2014-05-16 09:02:47 ----SHD---- C:\System Volume Information
2014-05-16 09:01:15 ----D---- C:\windows\system32\config
2014-05-15 21:05:26 ----D---- C:\windows\System32
2014-05-15 21:05:26 ----D---- C:\windows\inf
2014-05-15 21:05:26 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-05-15 21:04:01 ----SHD---- C:\windows\Installer
2014-05-15 21:03:30 ----D---- C:\windows\SysWOW64
2014-05-15 21:02:35 ----D---- C:\Users\Monika 1\AppData\Roaming\Seznam.cz
2014-05-15 21:01:49 ----A---- C:\windows\SYSWOW64\log.txt
2014-05-15 20:59:53 ----D---- C:\windows\Prefetch
2014-05-15 20:57:50 ----AD---- C:\ProgramData\Temp
2014-05-15 20:57:30 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2014-05-15 20:56:56 ----D---- C:\Windows
2014-05-15 20:56:45 ----D---- C:\windows\system32\drivers
2014-05-14 17:51:50 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-05-14 07:24:53 ----D---- C:\windows\system32\catroot2
2014-05-14 07:24:53 ----D---- C:\windows\system32\catroot
2014-05-14 07:24:52 ----D---- C:\windows\winsxs
2014-05-11 07:40:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 12:39:58 ----D---- C:\Program Files (x86)
2014-05-09 19:50:06 ----D---- C:\Config.Msi
2014-05-01 16:54:57 ----D---- C:\windows\system32\Tasks
2014-05-01 16:54:45 ----A---- C:\windows\system32\aswBoot.exe
2014-04-25 22:47:26 ----D---- C:\windows\rescache
2014-04-25 14:47:15 ----D---- C:\Users\Monika 1\AppData\Roaming\SoftGrid Client
2014-04-19 17:53:22 ----D---- C:\windows\SYSWOW64\en-US
2014-04-19 17:53:22 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-04-19 17:53:22 ----D---- C:\Program Files\Internet Explorer
2014-04-19 17:53:21 ----D---- C:\windows\system32\cs-CZ
2014-04-19 17:53:21 ----D---- C:\windows\PolicyDefinitions
2014-04-19 17:53:20 ----D---- C:\windows\system32\en-US
2014-04-19 17:53:20 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-05-01 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-05-01 208416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-05-01 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-04-13 484952]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-05-01 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-05-01 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2011-10-25 15144]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-01 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-04 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-05 1997416]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-08-21 794272]
R2 Polar Daemon;Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [2012-08-17 413184]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-27 42504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-09 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 kvě 2014 10:55

Zdravim

Odinstalujte McAfee Security Scan

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

JankoB · #3 Příspěvek od **JankoB** » 24 kvě 2014 09:07

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Monika 1 on so 24.05.2014 at 8:54:43,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1C46A0DD-D53E-46C4-A435-CA11103E255E}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
Pokki REG_EXPAND_SZ C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\privitize.privitizehlpr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\privitize.privitizehlpr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.dynamicbarbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.dynamicbarbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.feedmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.feedmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlmenu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlmenu.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlpanel.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.multiplebutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.multiplebutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.pseudotransparentplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.pseudotransparentplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radio
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radio.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radiosettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radiosettings.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.scriptbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.scriptbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.settingsplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.settingsplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.skinlauncher
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.thirdpartyinstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.thirdpartyinstaller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.urlalertbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.urlalertbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.xmlsessionplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.xmlsessionplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\videodownloadconverter_4zbar uninstall
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322532282}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322532282}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1512374D-AB37-4C86-8BB3-9749A53EFC87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BCAA5F5D-B59C-4FD4-AE8B-2218C62497A5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}

~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\windows\syswow64\sho178.tmp
Successfully deleted: [File] C:\windows\syswow64\sho5DD3.tmp
Successfully deleted: [File] C:\windows\syswow64\sho6BF9.tmp
Successfully deleted: [File] C:\windows\syswow64\sho89C6.tmp
Successfully deleted: [File] C:\windows\syswow64\sho93DC.tmp
Successfully deleted: [File] C:\windows\syswow64\shoE99.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Monika 1\AppData\Roaming\industriya"
Successfully deleted: [Folder] "C:\Users\Monika 1\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Monika 1\appdata\locallow\industriya"
Successfully deleted: [Folder] "C:\Users\Monika 1\appdata\locallow\videodownloadconverter_4z"
Successfully deleted: [Folder] "C:\Program Files (x86)\hosts"
Successfully deleted: [Folder] "C:\Program Files (x86)\industriya"
Successfully deleted: [Folder] "C:\Program Files (x86)\video download converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\videodownloadconverter_4z"
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{011B30A9-5893-4F42-8AF5-CCBAD46069A1}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{020EF15F-4EBE-4D61-88FF-7BBB26022780}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{10108909-B389-444C-8AEE-4D742B9968FA}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{215B742D-0571-465C-AB07-F83E9A33A26A}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{288741BA-3D4E-4306-87C3-F280E61350CB}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{2BB9D0D7-14B4-47C5-B5FB-15575AF3B251}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{342D6C53-4526-4178-9639-35588247E850}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{36A4AC3C-F3C9-46E1-BA3B-AC3CA5DDDF47}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{3C77E1AE-1C34-4178-B6CB-9AAB1DEA362B}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{3EE520BC-7F81-4DB2-867D-D5EEF5ABCA62}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{4482186A-87D3-489A-9259-A6B164D8BA6F}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{44985F3F-FEDA-4583-B1E3-82D4941F7A37}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{498FAADC-193B-4401-8F21-335FEC39FC05}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{4E2F89BF-A81F-421B-B04C-081190A7EA76}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{5209E2A2-AB66-4E12-9F8D-72614643797B}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{5394B5B4-D3AC-44D4-8E62-740D202E129C}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{546A9CDB-CB33-4A80-A503-1E5EB167D3A8}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{57F5C6B7-E03F-4C15-B297-CA4E3AFCF4A4}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{586581C1-DD91-4CCB-8EC6-A43D84313B18}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{5BA010E5-E043-40F1-A7D0-1DFB8B0B57F4}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{5E91DC61-4FAD-4DB5-BFB1-CA9749A91DA9}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{615CFE63-286F-4C27-9B8C-9C2132030B9F}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{6E1F5262-B4C4-490E-8D43-3FEAE5ADD8B8}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{82062F98-7981-4677-8B44-5EF13FF874CF}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{854A64CE-80D0-481B-88B8-FACDFDF78B8C}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{87D8B91B-E38F-44ED-A376-667D03918005}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{8A5690EF-FC5E-406B-9BCF-7C8726AE20B1}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{8EE413DA-0977-4469-82C9-0950FC30744B}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{9434C598-97D4-43F5-86E4-49ADBD208202}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{9BF4C51E-FE70-4CCA-87C0-1A2D0AFADF4D}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{9C033FFD-927E-497B-9AEA-09192141DCD1}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{9E661F52-4569-49E9-A6BD-E76EB2F2B136}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{A01E3D32-55B7-4279-AC0F-DEA464F9B96C}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{A4A3954D-DF8D-4399-9F3A-5110B8F39DD1}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{A7A5B2C7-14FB-4220-927C-F41C5118F846}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{B30096F7-AE5A-4712-87F1-540B48AECFAB}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{B5E127EF-CA01-4B3D-A394-A44DF260A2F5}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{BB4650C4-66BF-415A-ADDD-1CBA1C7BEDBC}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{C23E0F02-04FB-46B5-BDB4-35E62EDA0456}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{C23F296C-D8D5-478C-9AB3-4E328FF8E49F}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{C335EF4B-C242-4901-B943-727E1CC4EA91}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{C3F8D646-B263-48F8-850E-F0537BC7E6F1}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{CA574C0E-9CE9-4BD3-ACF5-6DC84AE7DA0F}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{CBB2F59A-3AA3-4683-BC86-6A496DF2C6F5}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{D359DBDA-875A-46FE-A074-00BBA2721425}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{D6FB0FB1-6276-4575-9D7E-AD7019AD556F}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{D79520FB-6681-4372-AAFD-E2B187AD53B5}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{D9F6796A-9A8B-423B-A781-3E7F71367B85}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{E345DBD0-5392-49AE-BF7A-D0C0828E5C6B}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{E6BBF1B1-A796-4E18-8201-20C4D4436037}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{E700EA52-8DBF-4BED-A302-AD26A05B5527}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{E940CAC8-4DFE-428B-B5BD-2AA56F768722}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{EAFDF3BC-47EF-446C-97FA-FE7160DFA5F8}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{ED234149-310E-4902-B492-4C49A5F11A57}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{EF71575E-7F1D-47D3-B802-862BB64DCC30}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{F7C04512-F63C-46B7-A101-6E6D84A9BEF0}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{F7F6A7A5-0AF9-4819-B040-C4EB19829807}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{F864474B-AE5F-4E99-9E97-31D742DDE9D4}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{FCE193D8-88B9-4CE5-99BA-70FE5E1C0DE3}
Successfully deleted: [Empty Folder] C:\Users\Monika 1\appdata\local\{FE6369FA-B1C6-4434-8953-1DC8A9453C4F}

~~~ FireFox

Successfully deleted: [File] C:\Users\Monika 1\AppData\Roaming\mozilla\firefox\profiles\ju11s37f.default\user.js
Successfully deleted: [File] C:\Users\Monika 1\AppData\Roaming\mozilla\firefox\profiles\ju11s37f.default\searchplugins\privitize.xml
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\4zffxtbr@videodownloadconverter_4z.com
Successfully deleted the following from C:\Users\Monika 1\AppData\Roaming\mozilla\firefox\profiles\ju11s37f.default\prefs.js

user_pref("browser.search.order.1", "Search The Web (privitize)");
user_pref("extensions.privitize.admin", false);
user_pref("extensions.privitize.aflt", "5");
user_pref("extensions.privitize.appId", "{301966DF-A84B-4255-AAB9-574B5CE237E4}");
user_pref("extensions.privitize.autoRvrt", "false");
user_pref("extensions.privitize.dfltLng", "");
user_pref("extensions.privitize.dfltSrch", true);
user_pref("extensions.privitize.dnsErr", true);
user_pref("extensions.privitize.excTlbr", false);
user_pref("extensions.privitize.ffxUnstlRst", false);
user_pref("extensions.privitize.hmpg", true);
user_pref("extensions.privitize.hmpgUrl", "hxxp://searchou.com/?id=7e9fdebb000000000000dca97166d6dc&affilt=5");
user_pref("extensions.privitize.hpOld0", "www.seznam.cz");
user_pref("extensions.privitize.id", "7e9fdebb000000000000dca97166d6dc");
user_pref("extensions.privitize.instlDay", "15887");
user_pref("extensions.privitize.instlRef", "");
user_pref("extensions.privitize.kw_url", "hxxp://searchou.com/?q={searchTerms}&id=7e9fdebb000000000000dca97166d6dc&affilt=5");
user_pref("extensions.privitize.newTab", true);
user_pref("extensions.privitize.newTabUrl", "hxxp://searchou.com/?id=7e9fdebb000000000000dca97166d6dc&affilt=5");
user_pref("extensions.privitize.prdct", "privitize");
user_pref("extensions.privitize.prtnrId", "privitize");
user_pref("extensions.privitize.rvrt", "false");
user_pref("extensions.privitize.smplGrp", "none");
user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
user_pref("extensions.privitize.tlbrId", "base");
user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=7e9fdebb000000000000dca97166d6dc&affilt=5&q=");
user_pref("extensions.privitize.vrsn", "1.8.21.6");
user_pref("extensions.privitize.vrsnTs", "1.8.21.620:31:34");
user_pref("extensions.privitize.vrsni", "1.8.21.6");
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=88D75693-E7A8-488B-8A10-F30EFC840259&n=77fc4091&p2=^HJ^xdm073^YY^cz
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013020305");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "88D75693-E7A8-488B-8A10-F30EFC840259");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1398952838874");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
user_pref("keyword.URL", "hxxp://searchou.com/?q={searchTerms}&id=7e9fdebb000000000000dca97166d6dc&affilt=5");
Emptied folder: C:\Users\Monika 1\AppData\Roaming\mozilla\firefox\profiles\ju11s37f.default\minidumps [308 files]

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 24.05.2014 at 9:11:51,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JankoB · #4 Příspěvek od **JankoB** » 24 kvě 2014 09:23

# AdwCleaner v3.210 - Report created 24/05/2014 at 10:15:51
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Monika 1 - MONIKA1-PC
# Running from : C:\Users\Monika 1\Desktop\adwcleaner_3.210.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : VideoDownloadConverter_4zService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\DownLite
Folder Deleted : C:\Users\Monika 1\AppData\Local\Pokki
Folder Deleted : C:\Users\Monika 1\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\Monika 1\AppData\Roaming\DownLite
Folder Deleted : C:\Users\Monika 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\*\shell\pokki
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\Folder\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Deleted : HKLM\Software\VideoDownloadConverter_4z
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\prefs.js ]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Monika 1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [7296 octets] - [24/05/2014 10:11:16]
AdwCleaner[S0].txt - [7298 octets] - [24/05/2014 10:15:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7358 octets] ##########

#5 Příspěvek od **vyosek** » 25 kvě 2014 08:09

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

JankoB · #6 Příspěvek od **JankoB** » 26 kvě 2014 10:12

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Monika 1 on po 26.05.2014 at 10:41:10,58.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Monika 1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.5.2014 10:44:54 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1C46A0DD-D53E-46C4-A435-CA11103E255E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\MONIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\MONIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\MONIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_26.05.2014_1058_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~3\as98213.txt deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [01.05.2014 16:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\MONIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default
- Seznam litika - C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Monika 1\AppData\Roaming\Mozilla\Firefox\Profiles\ju11s37f.default
A58DE0A570148AF5FF3512B2A340D09F - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
546A28FBC44B984FD92530227BF6F5C2 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhfcbmlocifngpbjdpgnkbjmgkadkjpp - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitize.crx[]

Seznam Li\u0161ti\u010Dka - Email - Monika 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Monika 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Privitize Chrome Toolbar - Monika 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp
Seznam LiĹˇtiÄŤka - RychlĂˇ volba - Monika 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chrome Fix ======================

C:\Users\Monika 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{18CBEEA8-3AE8-4ACC-AA36-376F05A09665} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{2CE16D3A-DDE3-4C42-969C-522548CBFB42} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{52E7D6D3-07C1-46C7-ADA5-FE85FD82C208} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{6A5CA908-A6C6-4FF4-9897-2ECC9F9EAA3A} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{907E8CDF-AE8C-4E3A-BA5D-9EFDF370AE28} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{B8858856-8155-4F65-9FD4-8227644B95B0} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{DA5A15FE-0328-419E-A053-14A1C0EE36F0} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{F470F530-4FF5-494A-BF97-95DB92CC5578} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Monika 1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Monika 1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Monika 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Monika 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Monika 1\AppData\Local\Mozilla\Firefox\Profiles\ju11s37f.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Monika 1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=17 folders=2 490825 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Monika 1\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\MONIKA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 26.05.2014 at 11:08:52,42 ======================

#7 Příspěvek od **vyosek** » 26 kvě 2014 10:26

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

VIRY.CZ

Kontrola logu,díky

Kontrola logu,díky

Re: Kontrola logu,díky

Re: Kontrola logu,díky

Re: Kontrola logu,díky

Re: Kontrola logu,díky

Re: Kontrola logu,díky

Re: Kontrola logu,díky