VIRY.CZ

Zdravím ve fóru,

mohl by se mi někdo prosím podívat na log, vypadá to, že se mi něco v počítači usadilo, vyskakuje spousta reklamy.

Díky moc, Jarda

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Lucinka (administrator) on LUCINKA-PC on 16-10-2014 20:08:06
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka & UpdatusUser (Available profiles: Lucinka & UpdatusUser)
Platform: Windows 7 Ultimate (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\dmwu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\nethtsrv.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
() C:\Windows\SysWOW64\mjcm\dnkt.exe
() C:\Windows\System32\tprb\dnkt.exe
(Xacti, LLC) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [InboxToolbar] => C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1424792 2014-09-23] (Xacti, LLC)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ksomnbi-x32: C:\Users\Lucinka\AppData\Local\ksomnbi.dll ()
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [ksomnbi] => rundll32 "C:\Users\Lucinka\AppData\Local\ksomnbi.dll",ksomnbi <===== ATTENTION
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\MountPoints2: {a38b4a51-4418-11e4-a23f-b870f452cbb5} - G:\iLinker.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260416 2012-03-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-03-01] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3331950805-703032821-105522138-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www2.inbox.com/search/dispatcher ... &%language
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 70F452CBB5}
URLSearchHook: HKLM-x32 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\prxtbMar0.dll (Conduit Ltd.)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
URLSearchHook: HKCU - Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
URLSearchHook: HKCU - SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 70F452CBB5}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2247187
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 70F452CBB5}
SearchScopes: HKCU - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
SearchScopes: HKCU - 970DE71AD20E47C091D907B2D1A23940 URL = http://www2.inbox.com/search/dispatcher ... 093&lng=cs
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2496CDAE-9B1A-4080-8235-B1BBCE9133A5} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {88C3A737-3632-48D7-8853-C9BDB201E343} URL = http://websearch.ask.com/redirect?clien ... 800F95EDC9
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2247187
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
BHO: TrustMediaViewerV1alpha4410 -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410x64.dll ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
BHO-x32: Trust Media Viewer -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410.dll ()
BHO-x32: Better Surf Plus -> {1824FF90-C98E-48A6-838F-E3B6572B0C77} -> C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Rich Media View -> {1b6afbcf-743c-42bd-94a4-6d4f65f787a3} -> C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release210\ie\RichMediaViewV1release210.dll ()
BHO-x32: Media Player -> {22a2035d-77e6-401a-a8f3-099fc39563ec} -> C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha220\ie\MediaPlayerV1alpha220.dll ()
BHO-x32: Media View -> {4ca812a6-47eb-4999-8450-81794f5c00c7} -> C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2965\ie\MediaViewV1alpha2965.dll ()
BHO-x32: Media Buzz -> {59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} -> C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6995\ie\MediaBuzzV1mode6995.dll ()
BHO-x32: BetterSurf -> {6E3C6B04-08FE-43BC-8E50-F90285024DEA} -> C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll ()
BHO-x32: Mario Forever Toolbar -> {707db484-2428-402d-afb5-d85b387544c7} -> C:\Program Files (x86)\Mario_Forever\prxtbMar0.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced -> {795cc329-858f-4080-9529-1c2fbafe770d} -> C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha343\ie\WebexpEnhancedV1alpha343.dll ()
BHO-x32: Video Player -> {7f84471d-5765-4531-a3e8-e8ca671089f3} -> C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta319\ie\VideoPlayerV3beta319.dll ()
BHO-x32: Better-Surf -> {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} -> C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll ()
BHO-x32: Media View -> {9756865e-6304-42f8-b01b-6bb4841726e0} -> C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9228\ie\MediaViewV1alpha9228.dll ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Media Viewer -> {cf776516-bcf5-46e1-a08c-79a9d77e92a3} -> C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1069\ie\MediaViewerV1alpha1069.dll ()
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: Media Watch -> {f50d0e9e-48a2-4eb8-8caa-c35d497738a1} -> C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home494\ie\MediaWatchV1home494.dll ()
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Xacti, LLC)
Toolbar: HKLM-x32 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\prxtbMar0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File
Toolbar: HKCU - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Xacti, LLC)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default
FF NewTab: hxxp://www.sweetpacks-search.com/?barid=&src=97&
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrluser_pref("browser.search.defaulturl", "");: user_pref("browser.search.defaulturl", "");
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Seznam
FF Homepage: http://www.google.cz
FF Keyword.URL: hxxp://mysearch.sweetpacks.com?src=6&barid=&&st=23&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kb-ext.cz/PKIComponent -> C:\Users\Lucinka\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\Sweetpacks Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Inbox Toolbar - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\inboxcomtoolbar@inbox.com [2013-11-14]
FF Extension: Mario Forever - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\{707db484-2428-402d-afb5-d85b387544c7} [2014-09-28]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013-01-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files (x86)\BetterSurf\ff [2013-11-14]
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files (x86)\Better-Surf\ff [2013-11-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF Extension: Better Surf Plus - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [2013-12-09]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha343.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha343\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha343\ff [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta319.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta319\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta319\ff [2014-01-11]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha220.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha220\ff
FF Extension: Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha220\ff [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1069.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1069\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1069\ff [2014-02-24]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2965.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2965\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2965\ff [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9228.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9228\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9228\ff [2014-03-16]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home494.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home494\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home494\ff [2014-03-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6995.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6995\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6995\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release210.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release210\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release210\ff [2014-05-13]
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4410.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff
FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff [2014-06-28]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.sweetpacks-search.com/?barid=&src=10&&st=23
CHR StartupUrls: Default -> "hxxp://www.sweetpacks-search.com/?barid=&src=10&&st=23", "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR DefaultSearchURL: Default -> http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-23]
CHR Extension: (Google Search) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-23]
CHR Extension: (Video Player) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbndopdofneaonjnapofemfjppmfdbij [2014-01-11]
CHR Extension: (BetterSurf) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap [2013-11-14]
CHR Extension: (Trust Media Viewer) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod [2014-06-28]
CHR Extension: (Media Viewer) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\djglmaopglclppcnofjgkpldndpbekoi [2014-02-24]
CHR Extension: (Media View) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\egphokopppgkdangnbiiaemcabildnik [2014-03-16]
CHR Extension: (Rich Media View) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhemcfkhbkppfhfbnocchieiapkfefcg [2014-05-13]
CHR Extension: (Media Buzz) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\healnegkppceknbgkpjbphfenefghpnh [2014-04-25]
CHR Extension: (Media Watch) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgilglmiikgacligpnookhkgjibmiop [2014-03-23]
CHR Extension: (Webexp Enhanced) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmmbapibplplpnngjkbhnkkglccafem [2013-12-21]
CHR Extension: (Media View) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojnibpnoebjkeaekcgofkbjiioaicfg [2014-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-30]
CHR Extension: (Better Surf Plus) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2013-12-09]
CHR Extension: (Google Wallet) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-10-23]
CHR Extension: (Gmail) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-23]
CHR Extension: (BetterSrf) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [dbndopdofneaonjnapofemfjppmfdbij] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta319\ch\VideoPlayerV3beta319.crx [2014-01-07]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [dgjfjjkbhkkebneoplbknflnlgccnjod] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [djglmaopglclppcnofjgkpldndpbekoi] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1069\ch\MediaViewerV1alpha1069.crx [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [egphokopppgkdangnbiiaemcabildnik] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9228\ch\MediaViewV1alpha9228.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [fhemcfkhbkppfhfbnocchieiapkfefcg] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release210\ch\RichMediaViewV1release210.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [healnegkppceknbgkpjbphfenefghpnh] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6995\ch\MediaBuzzV1mode6995.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [ihgilglmiikgacligpnookhkgjibmiop] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home494\ch\MediaWatchV1home494.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [jbmmbapibplplpnngjkbhnkkglccafem] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha343\ch\WebexpEnhancedV1alpha343.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [kojnibpnoebjkeaekcgofkbjiioaicfg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2965\ch\MediaViewV1alpha2965.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-09]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx [2013-11-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2930992 2014-09-17] ()
R2 NetHttpService; C:\Windows\SysWOW64\nethtsrv.exe [180224 2014-10-08] () [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [161792 2014-10-08] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-29] (DT Soft Ltd)
R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [46160 2014-10-08] (nethfdrv)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 20:08 - 2014-10-16 20:08 - 00030082 _____ () C:\Users\Lucinka\Desktop\FRST.txt
2014-10-16 20:07 - 2014-10-16 20:08 - 00000000 ____D () C:\FRST
2014-10-16 20:05 - 2014-10-16 20:06 - 02112000 _____ (Farbar) C:\Users\Lucinka\Desktop\FRST64.exe
2014-10-16 20:05 - 2014-10-16 20:05 - 00112640 _____ (forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe
2014-10-16 19:55 - 2014-10-16 19:55 - 00000000 ____D () C:\Users\Lucinka\AppData\Roaming\TeamViewer
2014-10-16 19:54 - 2014-10-16 19:55 - 03980080 _____ (TeamViewer) C:\Users\Lucinka\Desktop\TeamViewerQS_cs.exe
2014-10-16 19:20 - 2014-10-16 19:20 - 00000687 _____ () C:\awhEEA3.tmp
2014-10-15 20:30 - 2014-10-15 20:30 - 00000687 _____ () C:\awhE976.tmp
2014-10-14 21:11 - 2014-10-14 21:11 - 00000687 _____ () C:\awhE8C8.tmp
2014-10-12 21:27 - 2014-10-12 21:27 - 00000687 _____ () C:\awhEA2F.tmp
2014-10-11 12:38 - 2014-10-11 12:38 - 00000687 _____ () C:\awhED4A.tmp
2014-10-10 20:53 - 2014-10-10 20:53 - 00000687 _____ () C:\awhEA11.tmp
2014-10-09 21:09 - 2014-10-09 21:09 - 00000687 _____ () C:\awhE06F.tmp
2014-10-08 20:43 - 2014-10-08 20:43 - 00000687 _____ () C:\awhF076.tmp
2014-10-08 10:40 - 2014-10-08 10:40 - 00046160 _____ (nethfdrv) C:\Windows\system32\Drivers\nethfdrv.sys
2014-10-08 10:39 - 2014-10-08 10:39 - 00180224 _____ () C:\Windows\SysWOW64\nethtsrv.exe
2014-10-08 10:39 - 2014-10-08 10:39 - 00161792 _____ () C:\Windows\SysWOW64\netupdsrv.exe
2014-10-08 10:39 - 2014-10-08 10:39 - 00110592 _____ () C:\Windows\SysWOW64\installd.exe
2014-10-08 10:39 - 2014-10-08 10:39 - 00108544 _____ () C:\Windows\SysWOW64\hfnapi.dll
2014-10-08 10:38 - 2014-10-08 10:38 - 00246784 _____ () C:\Windows\SysWOW64\hfpapi.dll
2014-10-07 21:10 - 2014-10-07 21:10 - 00000687 _____ () C:\awhF2B7.tmp
2014-10-07 21:06 - 2014-10-07 21:06 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\4004
2014-10-06 20:42 - 2014-10-06 20:42 - 00000687 _____ () C:\awhDD53.tmp
2014-10-05 20:11 - 2014-10-05 20:11 - 00000687 _____ () C:\awhF1CD.tmp
2014-10-03 20:45 - 2014-10-03 20:45 - 00000687 _____ () C:\awhEEFF.tmp
2014-10-03 06:25 - 2014-10-03 06:25 - 00000687 _____ () C:\awhEA9D.tmp
2014-10-02 20:51 - 2014-10-02 20:51 - 00000687 _____ () C:\awhE936.tmp
2014-10-02 14:38 - 2014-10-02 14:38 - 00000687 _____ () C:\awhF6BC.tmp
2014-10-01 21:05 - 2014-10-01 21:05 - 00000687 _____ () C:\awhFB00.tmp
2014-10-01 20:48 - 2014-10-01 20:48 - 00000000 ____H () C:\Users\Lucinka\AppData\Local\BIT667F.tmp
2014-10-01 20:48 - 2014-10-01 20:48 - 00000000 _____ () C:\Users\Lucinka\AppData\Local\{600DBC14-89B9-49CE-AEA5-9ABB878927C5}
2014-09-30 22:02 - 2014-09-30 22:02 - 00000687 _____ () C:\awhF64F.tmp
2014-09-30 20:35 - 2014-09-30 20:35 - 00000687 _____ () C:\awhEEB1.tmp
2014-09-28 22:16 - 2014-09-28 22:16 - 00000687 _____ () C:\awhA756.tmp
2014-09-28 11:26 - 2014-09-28 11:26 - 00000687 _____ () C:\awhE994.tmp
2014-09-27 20:38 - 2014-09-27 20:38 - 00000687 _____ () C:\awhEB28.tmp
2014-09-27 17:28 - 2014-09-27 17:28 - 00000687 _____ () C:\awhF594.tmp
2014-09-27 13:15 - 2014-09-27 13:15 - 00000687 _____ () C:\awhED2B.tmp
2014-09-25 20:55 - 2014-09-25 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 20:34 - 2014-09-25 20:34 - 00000687 _____ () C:\awhF546.tmp
2014-09-24 20:34 - 2014-09-24 20:34 - 00000687 _____ () C:\awhEEA2.tmp
2014-09-23 20:30 - 2014-09-23 20:30 - 00000687 _____ () C:\awhE6E4.tmp
2014-09-23 09:16 - 2014-09-23 09:16 - 00000687 _____ () C:\awhE947.tmp
2014-09-22 21:03 - 2014-09-22 21:03 - 00000687 _____ () C:\awhE80D.tmp
2014-09-22 20:59 - 2014-09-22 20:59 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\30413
2014-09-21 21:12 - 2014-09-21 21:12 - 00000687 _____ () C:\awhF018.tmp
2014-09-21 13:31 - 2014-09-21 13:31 - 00000687 _____ () C:\awhE975.tmp
2014-09-19 20:43 - 2014-09-19 20:43 - 00000687 _____ () C:\awhEB76.tmp
2014-09-19 14:39 - 2014-09-19 14:39 - 00000687 _____ () C:\awhE906.tmp
2014-09-18 20:25 - 2014-09-18 20:25 - 00000687 _____ () C:\awhE7DF.tmp
2014-09-18 17:10 - 2014-09-18 17:10 - 00000687 _____ () C:\awhE9E2.tmp
2014-09-18 14:07 - 2014-09-18 14:07 - 00000687 _____ () C:\awh1F.tmp
2014-09-18 13:36 - 2014-09-18 13:36 - 00000687 _____ () C:\awhE993.tmp
2014-09-18 13:32 - 2014-09-18 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-18 09:43 - 2014-09-18 09:43 - 00000687 _____ () C:\awhEA4E.tmp
2014-09-17 19:25 - 2014-09-17 19:25 - 00000687 _____ () C:\awhEA5F.tmp
2014-09-17 17:25 - 2014-09-17 17:25 - 00000687 _____ () C:\awhF6DC.tmp
2014-09-17 15:47 - 2014-09-17 15:47 - 00000687 _____ () C:\awhEBD5.tmp
2014-09-17 12:15 - 2014-09-17 12:15 - 00000687 _____ () C:\awhE7A0.tmp
2014-09-17 09:25 - 2014-09-17 09:25 - 00000687 _____ () C:\awhF45C.tmp
2014-09-16 20:38 - 2014-09-16 20:38 - 00000687 _____ () C:\awhED0C.tmp
2014-09-16 17:35 - 2014-09-16 17:35 - 00000687 _____ () C:\awhEA9C.tmp
2014-09-16 12:41 - 2014-09-16 12:41 - 00000687 _____ () C:\awhEAFA.tmp
2014-09-16 09:23 - 2014-09-16 09:23 - 00000687 _____ () C:\awhE974.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 20:05 - 2012-12-25 14:43 - 00000000 ____D () C:\Users\Lucinka\AppData\Roaming\Skype
2014-10-16 20:01 - 2013-01-23 22:03 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 19:50 - 2012-03-28 21:45 - 01451311 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 19:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 19:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 19:15 - 2013-01-23 22:03 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 19:15 - 2013-01-22 21:43 - 00000374 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-10-16 19:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 19:15 - 2009-07-14 06:51 - 00138269 _____ () C:\Windows\setupact.log
2014-10-15 22:12 - 2012-03-29 13:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 21:03 - 2013-01-23 22:03 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 21:06 - 2013-01-22 21:43 - 00003420 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-10-06 20:31 - 2014-01-29 22:53 - 00001854 __RSH () C:\ProgramData\ntuser.pol
2014-09-27 13:09 - 2012-05-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 20:33 - 2013-01-16 18:47 - 00001224 _____ () C:\Windows\NetTVPlayerFree.INI
2014-09-25 20:29 - 2012-03-28 22:54 - 00010428 _____ () C:\Windows\PFRO.log
2014-09-24 20:33 - 2009-07-14 17:18 - 00622660 _____ () C:\Windows\system32\perfh005.dat
2014-09-24 20:33 - 2009-07-14 17:18 - 00118810 _____ () C:\Windows\system32\perfc005.dat
2014-09-24 20:33 - 2009-07-14 07:13 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 20:30 - 2012-07-16 19:54 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-09-22 21:00 - 2014-06-23 21:08 - 00000000 ____D () C:\Windows\SysWOW64\mjcm
2014-09-22 21:00 - 2014-06-23 21:08 - 00000000 ____D () C:\Windows\system32\tprb
2014-09-22 20:59 - 2013-06-02 11:57 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2014-09-22 20:59 - 2013-06-02 11:57 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-09-18 13:32 - 2014-03-23 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 13:32 - 2013-01-24 18:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 13:32 - 2012-12-25 14:43 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 15:01 - 2014-06-25 21:09 - 02930992 _____ () C:\Windows\system32\dmwu.exe
2014-09-17 14:57 - 2013-06-02 11:57 - 00033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-09-16 16:20 - 2013-06-02 11:57 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-09-16 16:20 - 2013-06-02 11:57 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Some content of TEMP:
====================
C:\Users\Lucinka\AppData\Local\Temp\APNStub.exe
C:\Users\Lucinka\AppData\Local\Temp\appinstal1.exe
C:\Users\Lucinka\AppData\Local\Temp\appinstaly.exe
C:\Users\Lucinka\AppData\Local\Temp\applinstall.exe
C:\Users\Lucinka\AppData\Local\Temp\Better-Surf.exe
C:\Users\Lucinka\AppData\Local\Temp\BetterSurf.exe
C:\Users\Lucinka\AppData\Local\Temp\BetterSurfPlusInstaller.exe
C:\Users\Lucinka\AppData\Local\Temp\d3bh.dll
C:\Users\Lucinka\AppData\Local\Temp\drv61037.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinst-1.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinst-2.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinst001.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinst01.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinstal.exe
C:\Users\Lucinka\AppData\Local\Temp\drvinstal1.exe
C:\Users\Lucinka\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Lucinka\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Lucinka\AppData\Local\Temp\jve.dll
C:\Users\Lucinka\AppData\Local\Temp\Mario Forever Installer.exe
C:\Users\Lucinka\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Lucinka\AppData\Local\Temp\ose00000.exe
C:\Users\Lucinka\AppData\Local\Temp\PKIComponent-KBExt-setup.exe
C:\Users\Lucinka\AppData\Local\Temp\set-app.exe
C:\Users\Lucinka\AppData\Local\Temp\setapp.exe
C:\Users\Lucinka\AppData\Local\Temp\Setup-a.exe
C:\Users\Lucinka\AppData\Local\Temp\Setup.exe
C:\Users\Lucinka\AppData\Local\Temp\Setup1.exe
C:\Users\Lucinka\AppData\Local\Temp\Setup2.exe
C:\Users\Lucinka\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Lucinka\AppData\Local\Temp\SimboApp.exe
C:\Users\Lucinka\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Lucinka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lucinka\AppData\Local\Temp\uninstaller.exe
C:\Users\Lucinka\AppData\Local\Temp\Updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Lucinka\AppData\Local\4004\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucinka\Desktop" je 104414 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

Zdravím

já vím,že nemám úplně běžnou "domácí" verzi,ale neměl jsem při koupi PC jinou možnost

Nechapu prodejce ze zvetsuji cenu PC operacnim systemem

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

# AdwCleaner v4.000 - Report created 16/10/2014 at 21:15:18
# DB v2014-10-15.7
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Lucinka - LUCINKA-PC
# Running from : C:\Users\Lucinka\Desktop\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService
Service Deleted : nethfdrv
Service Deleted : NethxxpService
Service Deleted : ServiceUpdater

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Windows\SysWOW64\ARFC
[!] Folder Deleted : C:\ProgramData\Ask
[!] Folder Deleted : C:\Program Files (x86)\Ask.com
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\AskToolbar
[!] Folder Deleted : C:\Program Files (x86)\BetterSurf
[!] Folder Deleted : C:\Program Files (x86)\Better-Surf
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[!] Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\Inbox Toolbar
[!] Folder Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Inbox Toolbar
[!] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[!] Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
[!] Folder Deleted : C:\Windows\SysWOW64\jmdp
[!] Folder Deleted : C:\Windows\System32\ljkb
[!] Folder Deleted : C:\Program Files (x86)\MediaBuzzV1
[!] Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
[!] Folder Deleted : C:\Program Files (x86)\MediaViewerV1
[!] Folder Deleted : C:\Program Files (x86)\MediaViewV1
[!] Folder Deleted : C:\Program Files (x86)\MediaWatchV1
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
[!] Folder Deleted : C:\ProgramData\SweetIM
[!] Folder Deleted : C:\Program Files (x86)\SweetIM
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\SweetIM
[!] Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\SwvUpdater
[!] Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
[!] Folder Deleted : C:\Program Files (x86)\WebexpEnhancedV1
[!] Folder Deleted : C:\Windows\SysWOW64\WNLT
[!] Folder Deleted : C:\Program Files (x86)\Mario_Forever
[!] Folder Deleted : C:\Users\Lucinka\AppData\LocalLow\Mario_Forever
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\Temp\CT2247187
[!] Folder Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\inboxcomtoolbar@inbox.com
[!] Folder Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\inboxcomtoolbar@inbox.com
[!] Folder Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\{707db484-2428-402d-afb5-d85b387544c7}
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Folder Deleted : C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Users\Lucinka\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Lucinka\AppData\Local\Temp\uninstaller.exe
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\bingp.xml
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\MyStart.xml
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\searchplugins\Sweetpacks Search.xml

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2247187
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{707DB484-2428-402D-AFB5-D85B387544C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B83F74A4-7F2B-4352-8E1B-FBBD508566E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{707DB484-2428-402D-AFB5-D85B387544C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{707DB484-2428-402D-AFB5-D85B387544C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83F74A4-7F2B-4352-8E1B-FBBD508566E4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{707DB484-2428-402D-AFB5-D85B387544C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B83F74A4-7F2B-4352-8E1B-FBBD508566E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ACB62EC-16AC-46DB-8EFD-5E1F91222366}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C13ADC83-03D9-4E2D-9EB5-F81C8752B270}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{707DB484-2428-402D-AFB5-D85B387544C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{707DB484-2428-402D-AFB5-D85B387544C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{707DB484-2428-402D-AFB5-D85B387544C7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Mario_Forever
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaPlayerV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Mario_Forever
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mario_Forever Toolbar
Key Deleted : [x64] HKCU\Software\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v32.0.3 (x86 cs)

[iojoenqp.default] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.sweetpacks-search.com/?barid=&src=97&");
[iojoenqp.default] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[iojoenqp.default] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.cbid", "U3");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.config-updated", false);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.crumb", "2012.11.13+10.16.59-toolbar001iad-CZ-Q2Vza2UgQnVkZWpvdmljZSxDemVjaCBSZXB1YmxpYw%3D%3D");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all&gct=bar");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.displaybehavior", "");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.displaytext", "");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0323");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.l", "dis");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.last-config-req", "1352928548932");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.last-v", "3.15.2.100013");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.location", "Ceske Budejovice,Czech Republic");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.lstation", "");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.new-tab-enabled", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.news-native-on", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.o", "100000027");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.pstate", "");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-first", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
[iojoenqp.default] - Line Deleted : user_pref("extensions.asktb.to", "");
[iojoenqp.default] - Line Deleted : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid=&&st=23&q=");
[iojoenqp.default] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Ask.com");
[iojoenqp.default] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
[iojoenqp.default] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
[iojoenqp.default] - Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_EU&apn_uid=11A8DCB2-25CA-4E6D-9A4A-48AE55FD21C7&apn_ptnrs=U3&apn_saui[...]
[iojoenqp.default] - Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={04DBA4FF-64CC-11E2-856F-B870F452CBB5}");

-\\ Google Chrome v38.0.2125.101


*************************

AdwCleaner[R0].txt - [39837 octets] - [16/10/2014 21:13:06]
AdwCleaner[S0].txt - [39621 octets] - [16/10/2014 21:15:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39682 octets] ##########

Zoek.exe v5.0.0.0 Updated 16-10-2014
Tool run by Lucinka on źt 16.10.2014 at 21:22:45,64.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lucinka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.10.2014 21:24:07 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\SearchScopes\{88C3A737-3632-48D7-8853-C9BDB201E343} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{795cc329-858f-4080-9529-1c2fbafe770d} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{795cc329-858f-4080-9529-1c2fbafe770d} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7f84471d-5765-4531-a3e8-e8ca671089f3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7f84471d-5765-4531-a3e8-e8ca671089f3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22a2035d-77e6-401a-a8f3-099fc39563ec} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22a2035d-77e6-401a-a8f3-099fc39563ec} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cf776516-bcf5-46e1-a08c-79a9d77e92a3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cf776516-bcf5-46e1-a08c-79a9d77e92a3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4ca812a6-47eb-4999-8450-81794f5c00c7} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4ca812a6-47eb-4999-8450-81794f5c00c7} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9756865e-6304-42f8-b01b-6bb4841726e0} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9756865e-6304-42f8-b01b-6bb4841726e0} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f50d0e9e-48a2-4eb8-8caa-c35d497738a1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f50d0e9e-48a2-4eb8-8caa-c35d497738a1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1b6afbcf-743c-42bd-94a4-6d4f65f787a3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1b6afbcf-743c-42bd-94a4-6d4f65f787a3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{795cc329-858f-4080-9529-1c2fbafe770d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{795cc329-858f-4080-9529-1c2fbafe770d} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7f84471d-5765-4531-a3e8-e8ca671089f3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7f84471d-5765-4531-a3e8-e8ca671089f3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22a2035d-77e6-401a-a8f3-099fc39563ec} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22a2035d-77e6-401a-a8f3-099fc39563ec} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cf776516-bcf5-46e1-a08c-79a9d77e92a3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf776516-bcf5-46e1-a08c-79a9d77e92a3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4ca812a6-47eb-4999-8450-81794f5c00c7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ca812a6-47eb-4999-8450-81794f5c00c7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9756865e-6304-42f8-b01b-6bb4841726e0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9756865e-6304-42f8-b01b-6bb4841726e0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{f50d0e9e-48a2-4eb8-8caa-c35d497738a1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f50d0e9e-48a2-4eb8-8caa-c35d497738a1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1b6afbcf-743c-42bd-94a4-6d4f65f787a3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b6afbcf-743c-42bd-94a4-6d4f65f787a3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{795cc329-858f-4080-9529-1c2fbafe770d} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7f84471d-5765-4531-a3e8-e8ca671089f3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{22a2035d-77e6-401a-a8f3-099fc39563ec} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{cf776516-bcf5-46e1-a08c-79a9d77e92a3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4ca812a6-47eb-4999-8450-81794f5c00c7} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9756865e-6304-42f8-b01b-6bb4841726e0} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{f50d0e9e-48a2-4eb8-8caa-c35d497738a1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{59b46ee7-dca0-4e47-a0ce-5f55f9dd5fb1} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1b6afbcf-743c-42bd-94a4-6d4f65f787a3} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1824FF90-C98E-48A6-838F-E3B6572B0C77} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_USERS\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C1CA7765-44E4-452e-9D00-A04F3D434281} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C1CA7765-44E4-452e-9D00-A04F3D434281} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha343.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta319.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha220.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1069.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha2965.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha9228.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home494.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaBuzzV1mode6995.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release210.net deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.cz");
user_pref("browser.search.defaulturl", "");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");

Added to C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Windows\syswow64\appdata deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh14D7.tmp deleted
C:\awh1F.tmp deleted
C:\awh618.tmp deleted
C:\awhA756.tmp deleted
C:\awhDD53.tmp deleted
C:\awhE06F.tmp deleted
C:\awhE2DF.tmp deleted
C:\awhE56F.tmp deleted
C:\awhE57E.tmp deleted
C:\awhE57F.tmp deleted
C:\awhE61A.tmp deleted
C:\awhE629.tmp deleted
C:\awhE687.tmp deleted
C:\awhE6E4.tmp deleted
C:\awhE6F4.tmp deleted
C:\awhE7A0.tmp deleted
C:\awhE7AF.tmp deleted
C:\awhE7CE.tmp deleted
C:\awhE7DE.tmp deleted
C:\awhE7DF.tmp deleted
C:\awhE80D.tmp deleted
C:\awhE899.tmp deleted
C:\awhE89A.tmp deleted
C:\awhE8C8.tmp deleted
C:\awhE8D8.tmp deleted
C:\awhE906.tmp deleted
C:\awhE916.tmp deleted
C:\awhE917.tmp deleted
C:\awhE926.tmp deleted
C:\awhE935.tmp deleted
C:\awhE936.tmp deleted
C:\awhE945.tmp deleted
C:\awhE946.tmp deleted
C:\awhE947.tmp deleted
C:\awhE954.tmp deleted
C:\awhE974.tmp deleted
C:\awhE975.tmp deleted
C:\awhE976.tmp deleted
C:\awhE993.tmp deleted
C:\awhE994.tmp deleted
C:\awhE9D1.tmp deleted
C:\awhE9D2.tmp deleted
C:\awhE9E1.tmp deleted
C:\awhE9E2.tmp deleted
C:\awhE9F0.tmp deleted
C:\awhEA10.tmp deleted
C:\awhEA11.tmp deleted
C:\awhEA2F.tmp deleted
C:\awhEA4E.tmp deleted
C:\awhEA5E.tmp deleted
C:\awhEA5F.tmp deleted
C:\awhEA9C.tmp deleted
C:\awhEA9D.tmp deleted
C:\awhEAFA.tmp deleted
C:\awhEB19.tmp deleted
C:\awhEB28.tmp deleted
C:\awhEB48.tmp deleted
C:\awhEB76.tmp deleted
C:\awhEB86.tmp deleted
C:\awhEB87.tmp deleted
C:\awhEBD4.tmp deleted
C:\awhEBD5.tmp deleted
C:\awhEC03.tmp deleted
C:\awhEC22.tmp deleted
C:\awhEC32.tmp deleted
C:\awhEC41.tmp deleted
C:\awhECED.tmp deleted
C:\awhED0C.tmp deleted
C:\awhED1C.tmp deleted
C:\awhED2B.tmp deleted
C:\awhED3B.tmp deleted
C:\awhED4A.tmp deleted
C:\awhED5A.tmp deleted
C:\awhED89.tmp deleted
C:\awhEDA8.tmp deleted
C:\awhEDA9.tmp deleted
C:\awhEDAA.tmp deleted
C:\awhEDD7.tmp deleted
C:\awhEDF6.tmp deleted
C:\awhEDF7.tmp deleted
C:\awhEE06.tmp deleted
C:\awhEE54.tmp deleted
C:\awhEE82.tmp deleted
C:\awhEEA2.tmp deleted
C:\awhEEB1.tmp deleted
C:\awhEEF0.tmp deleted
C:\awhEEFF.tmp deleted
C:\awhEF4D.tmp deleted
C:\awhEFCA.tmp deleted
C:\awhEFCB.tmp deleted
C:\awhF008.tmp deleted
C:\awhF009.tmp deleted
C:\awhF018.tmp deleted
C:\awhF047.tmp deleted
C:\awhF076.tmp deleted
C:\awhF150.tmp deleted
C:\awhF160.tmp deleted
C:\awhF19E.tmp deleted
C:\awhF1CD.tmp deleted
C:\awhF1FC.tmp deleted
C:\awhF2B7.tmp deleted
C:\awhF2C6.tmp deleted
C:\awhF2F5.tmp deleted
C:\awhF353.tmp deleted
C:\awhF3B0.tmp deleted
C:\awhF3D0.tmp deleted
C:\awhF45C.tmp deleted
C:\awhF546.tmp deleted
C:\awhF594.tmp deleted
C:\awhF64F.tmp deleted
C:\awhF6BC.tmp deleted
C:\awhF6DC.tmp deleted
C:\awhF814.tmp deleted
C:\awhF96B.tmp deleted
C:\awhF9E8.tmp deleted
C:\awhFA93.tmp deleted
C:\awhFB00.tmp deleted
C:\awhFE89.tmp deleted
C:\Users\Lucinka\AppData\Local\BIT667F.tmp deleted
C:\Users\Lucinka\AppData\Local\ksomnbi.dll deleted
C:\Windows\Syswow64\mjcm deleted
C:\windows\SysNative\tprb deleted
C:\Windows\Syswow64\hfnapi.dll deleted
"C:\Windows\Installer\27051a.msi" deleted
"C:\Users\Lucinka\AppData\Local\{600DBC14-89B9-49CE-AEA5-9ABB878927C5}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ext@TrustMediaViewerV1alpha4410.net"="C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff" [28.06.2014 20:51]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
F71C9E5E3B1CBE60269D873E8313EDA3 - C:\Users\Lucinka\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll - Cryptoplus KB – podepisovací modul
2C82D753EF779945977C82A3908DA20A - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.90.5
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbndopdofneaonjnapofemfjppmfdbij - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta319\ch\VideoPlayerV3beta319.crx[]
dgjfjjkbhkkebneoplbknflnlgccnjod - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx[26.06.2014 04:31]
djglmaopglclppcnofjgkpldndpbekoi - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1069\ch\MediaViewerV1alpha1069.crx[]
egphokopppgkdangnbiiaemcabildnik - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9228\ch\MediaViewV1alpha9228.crx[]
fhemcfkhbkppfhfbnocchieiapkfefcg - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release210\ch\RichMediaViewV1release210.crx[]
healnegkppceknbgkpjbphfenefghpnh - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6995\ch\MediaBuzzV1mode6995.crx[]
ihgilglmiikgacligpnookhkgjibmiop - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home494\ch\MediaWatchV1home494.crx[]
jbmmbapibplplpnngjkbhnkkglccafem - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha343\ch\WebexpEnhancedV1alpha343.crx[]
kojnibpnoebjkeaekcgofkbjiioaicfg - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2965\ch\MediaViewV1alpha2965.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]
mmifolfpllfdhilecpdpmemhelmanajl - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx[]

Video Player - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbndopdofneaonjnapofemfjppmfdbij
Trust Media Viewer - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod
Media Viewer - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\djglmaopglclppcnofjgkpldndpbekoi
Media View - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\egphokopppgkdangnbiiaemcabildnik
Rich Media View - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhemcfkhbkppfhfbnocchieiapkfefcg
Media Buzz - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\healnegkppceknbgkpjbphfenefghpnh
Media Watch - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgilglmiikgacligpnookhkgjibmiop
Webexp Enhanced - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmmbapibplplpnngjkbhnkkglccafem
Media View - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojnibpnoebjkeaekcgofkbjiioaicfg
Skype Click to Call - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Better Surf Plus - Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl

==== Chromium Fix ======================

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbndopdofneaonjnapofemfjppmfdbij deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\djglmaopglclppcnofjgkpldndpbekoi deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\egphokopppgkdangnbiiaemcabildnik deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhemcfkhbkppfhfbnocchieiapkfefcg deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\healnegkppceknbgkpjbphfenefghpnh deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgilglmiikgacligpnookhkgjibmiop deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmmbapibplplpnngjkbhnkkglccafem deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojnibpnoebjkeaekcgofkbjiioaicfg deleted successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/"
"Search Bar"="http://www2.inbox.com/search/dispatcher ... &%language"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2496CDAE-9B1A-4080-8235-B1BBCE9133A5} Google Url="http://www.google.com/search?q={searchTerms}"
{2496CDAE-9B1A-4080-8235-B1BBCE9133A5} Google Url="http://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\394E2E69484C3E34B9596DE27E4DD0A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dbndopdofneaonjnapofemfjppmfdbij deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\djglmaopglclppcnofjgkpldndpbekoi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\egphokopppgkdangnbiiaemcabildnik deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fhemcfkhbkppfhfbnocchieiapkfefcg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\healnegkppceknbgkpjbphfenefghpnh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ihgilglmiikgacligpnookhkgjibmiop deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbmmbapibplplpnngjkbhnkkglccafem deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kojnibpnoebjkeaekcgofkbjiioaicfg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RichMediaViewV1release210 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TrustMediaViewerV1alpha4410 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaBuzzV1mode6995 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\394E2E69484C3E34B9596DE27E4DD0A3 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Lucinka\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucinka\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=260 folders=48 53971655 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lucinka\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lucinka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Lucinka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9WP7JK25\cdn1.static.pornhub.phncdn.com" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on źt 16.10.2014 at 21:38:20,95 ======================

Poprosim o novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Lucinka (administrator) on LUCINKA-PC on 16-10-2014 22:05:15
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka & UpdatusUser (Available profiles: Lucinka & UpdatusUser)
Platform: Windows 7 Ultimate (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(TeamViewer GmbH) C:\Users\Lucinka\AppData\Local\Temp\TeamViewer\Version8\TeamViewer_Desktop.exe
(forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ksomnbi-x32: C:\Users\Lucinka\AppData\Local\ksomnbi.dll [X]
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [ksomnbi] => rundll32 "C:\Users\Lucinka\AppData\Local\ksomnbi.dll",ksomnbi <===== ATTENTION
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\MountPoints2: {a38b4a51-4418-11e4-a23f-b870f452cbb5} - G:\iLinker.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260416 2012-03-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-03-01] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3331950805-703032821-105522138-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - 970DE71AD20E47C091D907B2D1A23940 URL = http://www2.inbox.com/search/dispatcher ... 093&lng=cs
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {2496CDAE-9B1A-4080-8235-B1BBCE9133A5} URL = http://www.google.com/search?q={searchTerms}
BHO: TrustMediaViewerV1alpha4410 -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410x64.dll ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Trust Media Viewer -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\iojoenqp.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: http://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kb-ext.cz/PKIComponent -> C:\Users\Lucinka\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4410.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff
FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff [2014-06-28]

Chrome:
=======
CHR Profile: C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-23]
CHR Extension: (Google Search) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-23]
CHR Extension: (Trust Media Viewer) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod [2014-06-28]
CHR Extension: (Skype Click to Call) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-30]
CHR Extension: (Google Wallet) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-23]
CHR HKLM-x32\...\Chrome\Extension: [dgjfjjkbhkkebneoplbknflnlgccnjod] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 TeamViewer8; c:\users\lucinka\appdata\local\temp\teamviewer\version8\TeamViewer_Service.exe [3479392 2013-03-06] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-29] (DT Soft Ltd)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 21:36 - 2014-10-16 21:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-16 21:23 - 2014-10-16 21:38 - 00028019 _____ () C:\zoek-results.log
2014-10-16 21:22 - 2014-10-16 21:37 - 00000000 ____D () C:\zoek_backup
2014-10-16 21:21 - 2014-10-16 21:22 - 01290752 _____ () C:\Users\Lucinka\Desktop\zoek.exe
2014-10-16 21:13 - 2014-10-16 21:15 - 00000000 ____D () C:\AdwCleaner
2014-10-16 21:11 - 2014-10-16 21:11 - 01976320 _____ () C:\Users\Lucinka\Desktop\adwcleaner_4.000.exe
2014-10-16 20:30 - 2014-10-16 20:30 - 35194880 _____ () C:\Users\Lucinka\Desktop\starnet-tv-player_test.msi
2014-10-16 20:12 - 2014-10-16 20:12 - 00005431 _____ () C:\Users\Lucinka\Desktop\Addition.zip
2014-10-16 20:08 - 2014-10-16 22:05 - 00013189 _____ () C:\Users\Lucinka\Desktop\FRST.txt
2014-10-16 20:07 - 2014-10-16 22:05 - 00000000 ____D () C:\FRST
2014-10-16 20:05 - 2014-10-16 20:06 - 02112000 _____ (Farbar) C:\Users\Lucinka\Desktop\FRST64.exe
2014-10-16 20:05 - 2014-10-16 20:05 - 00112640 _____ (forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe
2014-10-16 19:55 - 2014-10-16 19:55 - 00000000 ____D () C:\Users\Lucinka\AppData\Roaming\TeamViewer
2014-10-16 19:54 - 2014-10-16 19:55 - 03980080 _____ (TeamViewer) C:\Users\Lucinka\Desktop\TeamViewerQS_cs.exe
2014-10-07 21:06 - 2014-10-07 21:06 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\4004
2014-09-25 20:55 - 2014-09-25 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-22 20:59 - 2014-09-22 20:59 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\30413
2014-09-18 13:32 - 2014-09-18 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 22:05 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 22:05 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 22:01 - 2013-01-23 22:03 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 22:01 - 2012-03-28 21:45 - 01463077 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 21:58 - 2013-01-23 22:03 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 21:58 - 2012-12-25 14:43 - 00000000 ____D () C:\Users\Lucinka\AppData\Roaming\Skype
2014-10-16 21:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 21:57 - 2009-07-14 06:51 - 00138437 _____ () C:\Windows\setupact.log
2014-10-16 21:38 - 2014-01-29 22:53 - 00001854 __RSH () C:\ProgramData\ntuser.pol
2014-10-16 21:37 - 2012-03-28 22:54 - 00012610 _____ () C:\Windows\PFRO.log
2014-10-16 21:12 - 2012-03-29 13:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 20:23 - 2013-01-16 18:47 - 00001224 _____ () C:\Windows\NetTVPlayerFree.INI
2014-10-09 21:03 - 2013-01-23 22:03 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-27 13:09 - 2012-05-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 20:33 - 2009-07-14 17:18 - 00622660 _____ () C:\Windows\system32\perfh005.dat
2014-09-24 20:33 - 2009-07-14 17:18 - 00118810 _____ () C:\Windows\system32\perfc005.dat
2014-09-24 20:33 - 2009-07-14 07:13 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 13:32 - 2014-03-23 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 13:32 - 2013-01-24 18:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 13:32 - 2012-12-25 14:43 - 00000000 ____D () C:\ProgramData\Skype
2014-09-16 16:20 - 2013-06-02 11:57 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-09-16 16:20 - 2013-06-02 11:57 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 13:39




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:146.39 GB) (Free:10.24 GB) NTFS
Drive d: () (Fixed) (Total:449.69 GB) (Free:425.23 GB) NTFS

Available physical RAM: 2615.2 MB
Total physical RAM: 3890.67 MB
Percentage of memory in use: 32%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 18D5B5EC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucinka\Desktop" je 104450 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
  Winlogon\Notify\ksomnbi-x32: C:\Users\Lucinka\AppData\Local\ksomnbi.dll [X]
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [ksomnbi] => rundll32 "C:\Users\Lucinka\AppData\Local\ksomnbi.dll",ksomnbi <===== ATTENTION
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [LogonHoursAction] 2
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\MountPoints2: {a38b4a51-4418-11e4-a23f-b870f452cbb5} - G:\iLinker.exe
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  GroupPolicyUsers\S-1-5-21-3331950805-703032821-105522138-1003\User: Group Policy restriction detected <======= ATTENTION
  
  URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
  StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  BHO: TrustMediaViewerV1alpha4410 -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410x64.dll ()
  BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  BHO-x32: Trust Media Viewer -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410.dll ()
  Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  
  FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4410.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff
  FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff [2014-06-28]
  
  CHR Extension: (Trust Media Viewer) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod [2014-06-28]
  CHR Extension: (Skype Click to Call) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-30]
  CHR HKLM-x32\...\Chrome\Extension: [dgjfjjkbhkkebneoplbknflnlgccnjod] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx [2014-06-26]
  CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
  R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
  
  C:\Users\Lucinka\AppData\Local\ksomnbi.dll
  C:\Program Files (x86)\Skype\Toolbars
  2014-10-16 21:36 - 2014-10-16 21:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-10-16 21:23 - 2014-10-16 21:38 - 00028019 _____ () C:\zoek-results.log
  2014-10-16 21:22 - 2014-10-16 21:37 - 00000000 ____D () C:\zoek_backup
  2014-10-16 21:21 - 2014-10-16 21:22 - 01290752 _____ () C:\Users\Lucinka\Desktop\zoek.exe
  2014-10-16 21:13 - 2014-10-16 21:15 - 00000000 ____D () C:\AdwCleaner
  2014-10-16 21:11 - 2014-10-16 21:11 - 01976320 _____ () C:\Users\Lucinka\Desktop\adwcleaner_4.000.exe
  2014-10-16 20:12 - 2014-10-16 20:12 - 00005431 _____ () C:\Users\Lucinka\Desktop\Addition.zip
  2014-10-16 20:08 - 2014-10-16 22:05 - 00013189 _____ () C:\Users\Lucinka\Desktop\FRST.txt
  2014-10-16 20:05 - 2014-10-16 20:05 - 00112640 _____ (forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe
  2014-10-07 21:06 - 2014-10-07 21:06 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\4004
  2014-09-22 20:59 - 2014-09-22 20:59 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\30413
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by Lucinka at 2014-10-16 22:19:58 Run:1
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka & UpdatusUser (Available profiles: Lucinka & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
Winlogon\Notify\ksomnbi-x32: C:\Users\Lucinka\AppData\Local\ksomnbi.dll [X]
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [ksomnbi] => rundll32 "C:\Users\Lucinka\AppData\Local\ksomnbi.dll",ksomnbi <===== ATTENTION
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3331950805-703032821-105522138-1000\...\MountPoints2: {a38b4a51-4418-11e4-a23f-b870f452cbb5} - G:\iLinker.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3331950805-703032821-105522138-1003\User: Group Policy restriction detected <======= ATTENTION

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: TrustMediaViewerV1alpha4410 -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410x64.dll ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Trust Media Viewer -> {011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ie\TrustMediaViewerV1alpha4410.dll ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha4410.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff
FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff [2014-06-28]

CHR Extension: (Trust Media Viewer) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod [2014-06-28]
CHR Extension: (Skype Click to Call) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [dgjfjjkbhkkebneoplbknflnlgccnjod] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

C:\Users\Lucinka\AppData\Local\ksomnbi.dll
C:\Program Files (x86)\Skype\Toolbars
2014-10-16 21:36 - 2014-10-16 21:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-16 21:23 - 2014-10-16 21:38 - 00028019 _____ () C:\zoek-results.log
2014-10-16 21:22 - 2014-10-16 21:37 - 00000000 ____D () C:\zoek_backup
2014-10-16 21:21 - 2014-10-16 21:22 - 01290752 _____ () C:\Users\Lucinka\Desktop\zoek.exe
2014-10-16 21:13 - 2014-10-16 21:15 - 00000000 ____D () C:\AdwCleaner
2014-10-16 21:11 - 2014-10-16 21:11 - 01976320 _____ () C:\Users\Lucinka\Desktop\adwcleaner_4.000.exe
2014-10-16 20:12 - 2014-10-16 20:12 - 00005431 _____ () C:\Users\Lucinka\Desktop\Addition.zip
2014-10-16 20:08 - 2014-10-16 22:05 - 00013189 _____ () C:\Users\Lucinka\Desktop\FRST.txt
2014-10-16 20:05 - 2014-10-16 20:05 - 00112640 _____ (forum.viry.cz) C:\Users\Lucinka\Desktop\FRSTLauncher.exe
2014-10-07 21:06 - 2014-10-07 21:06 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\4004
2014-09-22 20:59 - 2014-09-22 20:59 - 00000000 ____D () C:\Users\Lucinka\AppData\Local\30413

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ksomnbi" => Key deleted successfully.
HKU\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ksomnbi => value deleted successfully.
HKU\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-3331950805-703032821-105522138-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
"HKU\S-1-5-21-3331950805-703032821-105522138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a38b4a51-4418-11e4-a23f-b870f452cbb5}" => Key deleted successfully.
"HKCR\CLSID\{a38b4a51-4418-11e4-a23f-b870f452cbb5}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3331950805-703032821-105522138-1003\User => Moved successfully.
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db}" => Key deleted successfully.
"HKCR\CLSID\{011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{011fcec6-e9c1-4d1e-a9d5-7d508b5aa1db}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@TrustMediaViewerV1alpha4410.net => value deleted successfully.
C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ff => Moved successfully.
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod => Moved successfully.
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dgjfjjkbhkkebneoplbknflnlgccnjod" => Key deleted successfully.
C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4410\ch\TrustMediaViewerV1alpha4410.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
"C:\Users\Lucinka\AppData\Local\ksomnbi.dll" => File/Directory not found.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Lucinka\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Lucinka\Desktop\adwcleaner_4.000.exe => Moved successfully.
C:\Users\Lucinka\Desktop\Addition.zip => Moved successfully.
C:\Users\Lucinka\Desktop\FRST.txt => Moved successfully.
C:\Users\Lucinka\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Lucinka\AppData\Local\4004 => Moved successfully.
C:\Users\Lucinka\AppData\Local\30413 => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 124.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova PC???

vypadá to tak, jako to vypadalo, než jsme klikali tam, kam jsme neměli. Tedy vypadá to, že jste nám to spravil

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse