VIRY.CZ

Dobrý den, po startu PC je vytížení procesoru okolo 80%. Záložky prohlížeče se stále dokola načítají. Prosím o radu, přikladám log RSIT.
Děkuji
=========================
Logfile of random's system information tool 1.10 (written by random/random)
Run by Domaci at 2014-10-25 16:43:48
Microsoft Windows 7 Professional
System drive C: has 370 GB (93%) free of 400 GB
Total RAM: 4094 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:44:20, on 25. 10. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
C:\Program Files (x86)\Klip Pal\bin\KlipPal.BrowserAdapter.exe
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files\trend micro\Domaci.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera_crashreporter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 2286522865
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 2286522865
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 2286522865
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 2286522865
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: 62c9ccffad834deab5e0fd5cd3afeb390064969 - {11111111-1111-1111-1111-110611491169} - C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-bho.dll
O2 - BHO: 8d6c6b503bec4fef8265c6850bf8e3d80065055 - {11111111-1111-1111-1111-110611501155} - C:\Program Files (x86)\Browsers+_App+_Pro+\Browsers+_App+_Pro+-bho.dll
O2 - BHO: Saferweb - {19396791-184A-2478-0E65-6F9922C64E28} - C:\ProgramData\Saferweb\OaT.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Klip Pal - {a13d85a3-d31a-4f34-b4cd-fce576dc079e} - C:\Program Files (x86)\Klip Pal\KlipPalbho.dll
O2 - BHO: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll
O3 - Toolbar: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [OfferBoulevard] C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O20 - AppInit_DLLs: c:\progra~3\perfor~1\perfor~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfferBoulevard service (OfferBoulevard) - Unknown owner - C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Klip Pal - Unknown owner - C:\Program Files (x86)\Klip Pal\updateKlipPal.exe
O23 - Service: Util Klip Pal - Unknown owner - C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8621 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe"
"C:\Program Files (x86)\Klip Pal\updateKlipPal.exe"
"C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-982ff01a-6990-42d1-8deb-56bc58e20f57 -SystemEventPortName:HostProcess-f3dc7f49-f4db-4258-be2e-e13d07058a00 -IoCancelEventPortName:HostProcess-b6eb809d-8060-4a1a-b360-96628ce496d8 -NonStateChangingEventPortName:HostProcess-6daaddf1-c7cb-4085-b1d2-2043720f8882 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8867e0a1-97b3-4635-ad51-cac44818eabb
atieclxx
"taskhost.exe"
taskeng.exe {FA93F46E-D070-4515-A117-04517C70F522}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Browsers+_App+_Pro+\309a467d-57db-44f8-b51f-9766f20ef82e.exe" /agentregpath='Browsers+_App+_Pro+' /appid=65055 /srcid='002142' /subid='0' /zdata='0' /bic=585DE3547A5C45F09563DFB4A0D315EDIE /verifier=0a16e3ffb6025951603513d41be9dc0e /installerversion=1_35_09_16 /installationtime=1411807705 /statsdomain=http://stats.newclientstaticsrv.com /errorsdomain=http://errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http://logs.newclientstaticsrv.com /runfrom='task' /externallog=''
"C:\Program Files\Microsoft Security Client\msseces.exe" /UpdateAndQuickScan /OpenWebPageOnClose
"C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe"
"C:\Program Files (x86)\Klip Pal\bin\KlipPal.PurBrowse64.exe" /l false /s false /c "Klip Pal" /t "C:\Program Files (x86)\Klip Pal\bin\TEMP" /i "http://apiklippalcom-a.akamaihd.net/gsr ... 0000000000" /d {3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64 /p 42030a63-d1e7-4246-b45a-d59deed51a6b:chrome /p 3951fbe7-9830-4afb-bb45-192feb839084:iexplore /p 4ce4bb1b-a928-4387-8b12-80a2894c769b:opera /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\Klip Pal\bin\bau" true
\??\C:\Windows\system32\conhost.exe
/c 42030a63-d1e7-4246-b45a-d59deed51a6b /i 3951fbe7-9830-4afb-bb45-192feb839084 /z "n=KlipPal&is=ad8SK&dpt=20"
/c 42030a63-d1e7-4246-b45a-d59deed51a6b /i 3951fbe7-9830-4afb-bb45-192feb839084 /z "n=KlipPal&is=ad8SK&dpt=20"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" -noautoupdate --ran-launcher -- http://go.microsoft.com/fwlink/?LinkID=213185
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=gpu-process --channel="884.0.1337154223\378553648" --enable-proprietary-media-types-playback --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.982.0.0 --enable-proprietary-media-types-playback --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.2.2073645326\136017684" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Domaci\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.4.1766178231\95883036" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.5.1934384785\1718890442" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.6.603223981\379053944" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.7.2867877\547689062" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.8.526423871\1494938064" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.9.749816057\1612825592" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.10.2126291278\1811710515" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.11.781423731\1609367171" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.12.751617082\1834654405" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.13.290000104\1629458411" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.14.838020534\1508446216" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --channel="884.15.1315558852\1192334228" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" --disable-direct-npapi-requests --lang=cs --channel="884.16.2000964695\1546784727" --enable-proprietary-media-types-playback /prefetch:-390060480
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" --disable-direct-npapi-requests --lang=cs --channel="884.16.2000964695\1546784727" --enable-proprietary-media-types-playback /prefetch:-390060480 /crash-reporter-parent-id=4540


======Scheduled tasks folder======

C:\Windows\tasks\309a467d-57db-44f8-b51f-9766f20ef82e.job - C:\Program Files (x86)\Browsers+_App+_Pro+\309a467d-57db-44f8-b51f-9766f20ef82e.exe /agentregpath='Browsers+_App+_Pro+' /appid=65055 /srcid='002142' /subid='0' /zdata='0' /bic=585DE3547A5C45F09563DFB4A0D315EDIE /verifier=0a16e3ffb6025951603513d41be9dc0e /installerversion=1_35_09_16 /installationtime=1411807705 /statsdomain=http://stats.newclientstaticsrv.com /errorsdomain=http://errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http://logs.newclientstaticsrv.com /runfrom='task' /externallog=''
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-1.job - C:\Program Files (x86)\Browsers+_App+_Pro+\Browsers+_App+_Pro+-codedownloader.exe /rawdata=apj2qJovK5FuViB3T0GUHudJkrIYWWdm77anxHgnVLdCsYc571fRs+jRDu7xIGdn/k7kjbDqxm/QZL4OIQ/SH1AeTYZ8GLsZDtIACFQBi8SL62znZ0ZhQzdz/2W8D3lwIqqHtiIKHtsTmbAgifTY/WFip/Fbf/J1O1OhGkQO2RZSE2GcOkZba0xb5Dygar82FstT5yoUeWK/MJwa6yF/bmRtj5K1zln4t7l9O3yz41Jiayfs5q/F8YYMtOL/KWrrzqafAq9UHJfTf9fzKHg+3eCGhSuAgA+QsqeB4PK++PtHEjBgzorNowq6MLaqkhTitg5pXJCmm70HuGkSySIDc6+nCSDb60Ce61g2rHV1GAgV+B2Wzlmjq75ZBn0y18eqpgJKnDYIAMyqJF+xAdwFKyI7AYeNjSqLLVLsWWV1J8vF3wnbCDXCK/7+nsL4MyGEwJ8YTUTjRmZDy3wr2JIkBevGHwXk7P1FTIaRdIeIsXkjoHjQodl9v5cqmXM9LPa/B1SBfjVHIU8dKwzYCd7Q58gvct5opvLBFJQN4YwFCMpvvbJIzzdKZHJb6quqLEeg7JWqSaIek01oV2SAkalKSlMr8fiiFtkA8FNGe3491AlKSpUeM3PsrUKpIiDZ+tym4U4Q1gNG+7OjKR9sqooujnQPSlM7ch5caWDBkKE3fo8QYC3UHT+1Xel8eA6nJnEet7uvBfrAe43m7o+RbEvcFa2HiTvJlZcLPlWHbNFZQwB4zQXI2aLhaYRvcHMaFeDlpY6SfN0ResM2CEOdOokwZOKxqLnjX8ISGDARwrbjXCTvVT7RcrHTECAwZcyT0DVz518mJu3YPR4wYPZbfPOB2XnaUakD+gXjY7KXTmUODYST/u9z1+xqxaBmhACPUGEPe2wnIh6/YEwLOBjUTCoeGx/KcLMuW4iiD/IWoCw5Y1qmTkNIYoD/Ixup0lrzgfNjXGHkMxSuNxRVy3XEoX4UrOkKQniu6Hg7t3b+CAuXdxBXdWdPc59lzOIel5NGIxQgGQINF38gDR55ARkh5YFScy1dZv6WXeWN7+eggIlizGNX1LZY3chBVpTHfthh3AXi7c0VgNic965K9qHP0EVFShZLK+LBB+n5qzf+8QHqshDpb2fp0hgUrSP9rgsjpm1phT4W59S0PM8L+ZYjZ5aOZPghixlRJQ1gd45XQ2F638U=
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-11.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-11.exe /rawdata=FmGkrWJMh327KeNDfKFpMbvTYQ4we2bRBTQ46XSxFWeW3uvtEmwiY+uCPiOsfohnyaJOt6U2mTPGJjKVSM1sMP/d+oxA/xX7jTZir/UFs06ArN3Z9WdMpnbvjY/w4C8Vpb1jFyP4+LrWLYAut6yA02nlt/BKViGPPsjRDusTWh6vQ4xJPZ4D+zUh0bmNONrkyEie8tZy759QgfLLWf6p0c9lAd3Vex2xQ2G2kEVdn9d/YOngMLP+EwtGdOa1rHLofdWzXCcp5vFFnu0aTCRn5T/tZgyThaj9F/sXbZIqpqlaWmGjjcKvGsjtMzY2vM0fe9eR4ftKq52L4FVDek7wXXksMnxSNTdWVI0pZ2ikRQnzVEvbRz2VqCRaUeufCuupMfnN+TF+TmUHAhXUGzWMHSaTT2rhBEU9kDU2Vm/PqatNnWlIVcTwWN5ctJHvjyC8a9jiVeYFpcLr+6wbiQSivhXMVFrwWhNLp7FH0iqnLDvUy+8sNADyBr6A+wDD0ysMuR/Z3OzQVhwv+Ua/Bc1PQt7JLfGW1WWUu6SVFAj/8VwjyxvABDXgQeNw27Yi/n74FeO26LxPsewri6LZll0Hv97t8RvpmamVturpT9WBQ1eGRbGdVEY1xd/2eToKCu/cmYO+/A0f7tJguOeg0tZjHVgmvCl3PwdzYJQSEm18GDAx9Y4aWt4kyhJ9gRe15y3rZcHUnfr36f3skBnL38h/rApwXGr9vAsy0u/DGuZqdreIcCkWDtZ6TWntL9XYRbLgT1qpQy69rG4Mm0Jksiypy7HmE4tLUhOuP4XTKWh+DB1z4IXxBXULVYRrLusV+/ttL/xl4KKJwQ52RTBjKwu3RQjkOU3DuLFgPiIJDvvddzTuUXPcduUkx2m0vkEaz1QXECZMeCROfeN69zAXaYdIrpiiJAOQy80kTZYGzXS68zN8j94mXPIVsR7/KOp1+/L3lS0uPOmzT0HKJbVbvuC10IjQ6bLxCF/UZVh96sm13XCEOd4FO50QoTzUmEJcsXY5mUbbexm2oKUQ0zmLIVlW2E1fUqbpIR0H8UUwKtPDH+rxRGfrqFepZqfN2azG9CZVamoZnwHSHPymoNvPbDhlKG+m/GVcK/LDGxN8mM7aNmp/ghP3vwUMnjUvjqldF/J9Q2vloNH9iAqYQjs/xVWqy31erd/eTh/hNkAN3e2JSediWnrtP6uD1SgZ2d9D3WGSRg92MKkMatJtxVZyUIz0B+XgpahEx0rSavE+fcgpMnPHjdvYof+AXVgxne5V6sE75H/foiPeR9rVSctBTwJ9e7bN2urqE3RAL3hdwyU7QM0iIPgvqWpg4LzGmqdUwy/xqAvNOGZbYx0bEuZD4/+VTD3wGof5cSb+X5/8FRcWdlCHbJdRQq8/YRk/4Fi284xvIX/Qp9Tdy3Uh3zZ0i7BmQm2B4jQNnovx1f9ot8ikF9Po7FHfkhSHVJ8lkd6OPNS7JktKuUOgdR+rR4vZhsWT8we52n9iIHXQu1f+Pq6ZllUgshaSFhj9tQpMW2k+nmfYdXTXRdCOVCDL+dPxidZIUpzVHQGWiI+693duTKuagwwf6yTq6Ua3ETAAcM3JGuz6bT4mG87bSNVIo098jiQ2Ks2HxiFh3fz2h+qABwkZ1oL7L0SIo6zLL3htMRY7h+4FfZYeyv6+x1UmROz58ZHB2gPuFlglqElGPr5dp2uGUrSLbRvRc+ZMLDlDhMOvj8JUPuSzmxgphuScPVH8d/TDu5iZB+al5ivEO9W376faJklf5U1s0Bhxk86OSmAgmCgtWzkgP7wKifpfXfNQj47y6m5LD4cnXOb87/+5nGMRkf22qH7HGRBFFFDBUwMyk14fuO4ryQDS5+biwRDPwyxIS70tZG5bu5BDOfPDJ6cfTu8giPujRFdxG2E092M+pPvzGuuEPkjFpBZw0dyhVOMfGeqqVSX0xBvatKjqNxsQj6H0oc1HqPLAJdsmN91RNqwt09Tlqot55LKBSyTP8IP6r3eEwGauU0iDm1z0zUwJUJFDdY7+EDUIBgN9VQuWLzBY
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-2.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-2.exe /rawdata=j97lJ9Ka2oXiU5tshZrn1lUPpH6LQrsqiR/4iV1bdbzq1lUpyWWJGlQeAkV97wBwMJkhZWOaAgiB1KD32U8C79Krwh0nuL0qIPQUa9sl+rTPwkbK06gn/iC2iMUrT4xd7Wr10VeFgMveDe4XAHJ4upbFPTiTTwHee+cTz4HR5jemHE6HjcZmXgSbhcZGf289kRhZq8pTXI4SbPB0B4uM8zOFVIyp1N4dlfhVteEIglJM/Ub1b2rtycW7L0J1MrXyQ7O9tBqzXTW18gToUSgZfxxOwU0fmBoFgN7k8LdL5MWRf21XJ10imfpPizFVz42VssTDCotyK9F7EGlKAFzWCYgM7Wyhms7AFgQztLkVazM3K3qdhfmGfmmQzydP6EgHHY8ZoGfys+cq/x0qKIUz+3KkXGy4lFq2ah7L6qlGNzDIqT671fr3oHV8xGWCvjZbSGYa2Tftc/BNBde+vbOAm1kunWSxOL3RruSnOsSONL3MEgvu+4Iki8r23zcCAdWDXDNuXdbUnNTv5R5DrDJ13hkj3YPJceevRZELf7yWEfAgofiJHje6Ql6p9UlU1IGe6qaN/uWb5TgbGTifuK8IF9Be32QY98ah9twaS/LkX65l9/cWRMmrGJ3M0OHFYOXLbybp5g4yxosKg6NNx6ngDIJEqnjT4xlhX13MKPzP7J9DC+iVs0XC4quDLwafEbwPyQbBPUuCLsyZpO2vOS1ebk5i2sUFFMwXLVMhYp8BVRsjSZE3NIFLh0M/zC377KAo9sbUhW4BjJjUbqFPlhWq7yJ6KaCqrcg/bp6aDJgvsUTWbyD9CwReoP8wA8itcYaS6Jz6zxoBxANfVB9XZls6cw==
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-3.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-3.exe /rawdata=G4vRNh4DQjji7Z1c56jHz3NCTwdRIBGOQV5KLp5WXjz23YzOltQTq4wHi2Nnz4Im1BlJxsmJECbAIFEvObzjFoQtcr8CnlwxhggynmOZqGXi0trbeYSsxL4kxvBu7vOvQrOSH/DekGrGfz7qpvpHiZ+3iTGIocOn270tDigtvr0vpevx8EqJEBnXALYS/Pzv64+nGsGS3Ed9rfoFAd8IHeRIV3TpBt7e+FT+8nRVBc4DCW87SzOocuwcZw+ieHbbKarFrpRbL1lZH+qwGVcfc3EEFxHzHJgHC5fhAAovVTt7d/5msdES2JNJCGNNOpHi6wDHIOKtob04is//Nz9l+GGdb58ofIuoE4eoDP0+g1vjfyRcxaZic3Z7yO6GlJIZWddZDO14hNQek9oWSigVypNMY/YhduHOHHwqx2+xbW3zUbwkJh/wu/fW9wrRzhZPG5Nlj+G3ByjhDgSxgf6iN2/LmmEvJaGg84aZxEjfluy4bGmf9JE3/GdZOWU01b4vbTKgkkC1RhGB3MDrtNHAccye4TD19EN5EOUKEbEN/nYffp0XhBrWuqJrEMZAwSwpOosQkGXkJvJTS17ey423uGgUWJDm7GwGJ25uJ4peKlRmdMBXcbVdDRSbOA2i45LUJQHSe8cXjp84tzJJykN7SR1KbHdhQCM2y0PRq8WmA440sNaTGCbYFTqVDWp3i6vEXcVT7pfGnxfEMJOKpc0I4L1e5k9gP+eDQPhjibjoCfHvZz73bAFh0n1L+HcZblLMhI6mbONSuK5ur7gw29u88QYAYkbyYg0qyafCgWTYra0LFjU2Qz6cJjyv0DP0jUwHEAg5ylFeY4OfAFbTvJ7X4V92f/N8AtBYgcBxAdlLLrym+F0iI82YBlt0Y++KwEtAMqW1brS9z3FhFsItYgmnr56vRjBpX3zYbb2UDytL28fJqR3DVWAt7uIFHFQ6/vGgfXGQVFsUSFGsC590nuPl4yy7MYcSLt0BvFdL+SLYXd2/4G/0iXwWGajKAiaw3jtUhwLMra56+dGaNfvGAmDaGlWZef716RDW4uorSJmmZQ0qI/eb5FmZqXVYbumb1IjwyaSNPHYFaeB9+o+kDLU4RYpqouRoonpqJyrVgfineNjxPxpgU2q1VXbmArlw4nOkmQ6xLrJRvbtOHHimf4Q16IYLogGoKrBGvPj6V6J6cYV/69XqjTXmTzH2+62El2gjnRtkkkHGli1PosvAsch/702PAz2zB6rnHBEU9xPbW3saPftMyJxDqIwGV7hewMU9pjt0j6Bm8FINwNRYCH6y8/UuODHG43BaC+en7632M5ZIT34foMqfsC3w/aHmmh5p2iyJpFPBfB8oVwgt3PC0cD5YcW57n2DJCfLaSDweQbqdbiH+xS4oNC17UFIr0V/gwQ97eI0CRGKvFX3kzngu1w4hLSjys0aWtjm7s8v+pDZ2Ym872lcg9RiAuTBDCJ7/sE8/L4nSqiAy9LyrYnzr3ZAK12keWdIk6G3Z5xu+SkGwpEUWhGqWk0IQ34/7wBBIufZvyY6cvCt1TeXCn5oVQ0y/rm61PE62+XmTaBUTGytFYdmRc7WTMK8h3frDDfSWvygt9a8bQTK9+n0AXyqIGIHE956qnMMgzWuCxGqgWGZIDdYq9bQ3OVeiA7QD3FS2t/D4yqEIwL7lzgQnAHHXP1D4yoZ2apDRWAn61ysq0yI=
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-4.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-4.exe /rawdata=osDKjDpFwvy1567hCZMgEtAhKHGsb0LgB5G8v3e1U5NxkLREzo6Cp8tpYewhsQJimAk+csNOJ6ulnfq671LYokR9SbMtRNzqIMei9R0v9nlRCQXgu+F6ZU/pQQSMhs0KzKt9s1atp/MDgj8he89Ju9EzrG19vSG25WcARlfEjqlwxd6VYGmeBrNOzLAGeVUEjJutO10UV54Mme0sax5klesn/Ju/VrwSygZWRi3WeSxUe+5hhfEtItdesQ4WDYIgChBEJMedyVzN3stVMWqXxaPegTnxeSJ8QejtyT7vzEORNTIE/bfoapTSfyD+ePo2Bjipvr02gq6618tv+t5kVo+ubfCs+ooNknRjkOiWt1jeLhuhHElp3WGDHj4B4TSLiwoJP+2CpclPCmJ0cgWMQxxsCVykL8cw4c5TJH/Ol8vbhBVh9uYol5V/7FGeIKMtwWgTBgFNEvBdqrhi+LMyz9W9hPD5KROdNdCQ/JuPAC0097WShzAvw89giPkq0/EFFkC8hEvIOBYnyk8ZDPpVxWcTE4yrVI5LmIO2j4uO7H2I/2amCigbLLs50WdSrbTBwXPgaHf3alCscWId7sn+H7mCJC/Rk5JQZ8dz9TxLgmelhcYJjehcS6sskFMAMRPijhT1CiEJbnmzfz4VdYp/m+s4HWMT9N2wRXMj5tmejdFuJ9CGLRDjGF7oN2cZhnxLobQA0oEYuEM8PqCht7qpIbJQ3m92Bjj4Zm4Fk0du7WqCJVwKnqHIcAWEdJ6YKrKhVunjGMFZ9g1B2N/HcJU7LkXhz1iucKP2q/+Xk8/IKgEz+2E5FjXwKyX6GoQRJb1hBb8xk7KX/rxMQmUe1Wj6oRpvr248ORXx7nZf3gERZSgTIpl+a/aC9sK/SoOh5EwYzrdrSIr7YAbF7T+IghWiVVrgvaivsnUs0G3ysvoYBQCzYDzBARWCSBMAXbQp2sXYycwqmc6b9lwRRjk5o92BH1fwNPZ0zOXZLtwqoj4wpsDq/Cj5YtfbSBVPn9JeK1Q4EHGmtsA4ITyYdbG9L+B34yeLhCFlHcyKMhkGRf95s5VJ0JBJb0i0k4FhNVneSvanl4t4nMjTt2nYah7sK0QJiNwxT0RQ24l8jFtmj4nYn4Mt21Go++W2lVWUEejtyIhSE6GmqL+OnJIMSQ1eWG/AjtycfD2DlpVK5sRw+TeyXfmv36CTNCWgLMUG1dqWEAD1YDPFQn5WyoYvrUbOQGlW13NjLzr3mDFQ4JXYx949XfuT866KO2UV0eomZRIN6x9P+b/v+4VuRNSC5BdSJQoYuAogs8ITuN06n/Um8zf79dFfVES9Zg4J0AY+FkhASFgyz+tXo4JsnBOrX+JoeMguoVFEcI0N94cWFOP5HJ6INDkc+TPgSYsBVqQntdBa3eAnWYhylBtYxQ/94DdpyAeKRH0YMpn/1VzRGYL4BnBqX5jR+d/qKcTrjusPozfdweiRpZktknyRTT8QrCKf8V2wVtKGybhZn967+EPPk4mSlhU3naB7g0S+AmlKmbuZBeP8lxIu8xxeNl1Wq6n2hT2HEmASzqk3EU27OXI2wxCsPXVKN35entr2qiI76/v9ehokCTFasZF5VzSjmFF8K3Ij+bcM7rAi6/N9A89I6v/eyhrEaB5s6IEB1xh76/n3l5qx2iprj26A/C9/RxHscSNyGEL+j3AGr1x5mObaW0WA+I8=
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-5.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-5.exe /rawdata=kYj68pzofgDdFiGeDxnoJQtJWutztUaRTN/X8s66FnD7AsfVnALOfzx3QNuRKfiHjjX7d62T+/P7/UtP3EuVpl3sjbScrHKYGvMQa/HcVDFWWiVSqWIkb6b5XUHfY5bFPZvrcXELgBW33m4j1S71oGsPtJmjqeeFBee6Ud6tPTW9SSxJW5QZvGxLr8Aon+hKRFvm/k7hHGSjEYW1ulhEsmfLh3CGrNWSzodnUFfunxbr5l0XkC4c6BO4h9C4gQ0KABFE8Ne4jM5AoL+yuSzwmMQ67JBNdndO7dxCktEbKneI5NoLZt2E/Owj/j12rMBX94FllscysJAXOpzZtJP3IHbFaTd1mHn82zcpJWV23n++eP287w7tUqCex2T63AzuP7xslN1VmlE6roRR6jOBtI/gP9ZjPENNvBAiWD573eB+xWNcPxsZS1vYcA8ZxIxWd02tKYc5Fdmnli9g2sWZAQFLvNV0TLp0QI+hktZS5zjfqoOeVE2wbwo7T9XSHNxGOBI9MQRVGFejR1Remwgqoeg7p4cPk6uObgvfm2d8gN6HfT7lCRlTC/KAwRTpYiIu8cSVY70qEiiZ0N/l9i13Qbpcu7RtaYUmGj/3g4g46jYNXpPNbAD2Rk8bIlcMZJxlEvkG4BWbJDe29dSZuKGgGHejhzgu5psqx+ah6rBtH8gqdHVMH+ewOynnNU30nDMUoTLwYxlLfaq0e7xjC7qkjEdW0sm2vSgmxfEsHiYnvlYyiLZxiVXhQmCUWb1riO/VA/Qb+PTeZWpdAIW4poR2cFgzOVN3VhksOEqulYngIodyEtdQCEirwcgMMIwXKLKS2RLpgjWxiNlv/qOeCDie0aqsgEbFh1OqY5tTlNHkINHMFAVGyAwZeByIH9Q8RwL5Qp0N6Vse7Xsh4cruG5PZsW2qHcmgWowp3h8Sc2qCbE9pr0xh/TaUPGWzvoA3pqyFvXo6rZB4y3saA/Adnfqhqs2in0PExfwrTLWQwfi+drlNsFEb1YuponwBz2wjOQ2G
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-5_user.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-5.exe /rawdata=kYj68pzofgDdFiGeDxnoJQtJWutztUaRTN/X8s66FnD7AsfVnALOfzx3QNuRKfiHjjX7d62T+/P7/UtP3EuVpl3sjbScrHKYGvMQa/HcVDFWWiVSqWIkb6b5XUHfY5bFPZvrcXELgBW33m4j1S71oGsPtJmjqeeFBee6Ud6tPTW9SSxJW5QZvGxLr8Aon+hKRFvm/k7hHGSjEYW1ulhEsmfLh3CGrNWSzodnUFfunxbr5l0XkC4c6BO4h9C4gQ0KABFE8Ne4jM5AoL+yuSzwmMQ67JBNdndO7dxCktEbKneI5NoLZt2E/Owj/j12rMBX94FllscysJAXOpzZtJP3IHbFaTd1mHn82zcpJWV23n++eP287w7tUqCex2T63AzuP7xslN1VmlE6roRR6jOBtI/gP9ZjPENNvBAiWD573eB+xWNcPxsZS1vYcA8ZxIxWd02tKYc5Fdmnli9g2sWZAQFLvNV0TLp0QI+hktZS5zjfqoOeVE2wbwo7T9XSHNxGOBI9MQRVGFejR1Remwgqoeg7p4cPk6uObgvfm2d8gN6HfT7lCRlTC/KAwRTpYiIu8cSVY70qEiiZ0N/l9i13Qbpcu7RtaYUmGj/3g4g46jYNXpPNbAD2Rk8bIlcMZJxlEvkG4BWbJDe29dSZuKGgGHejhzgu5psqx+ah6rBtH8gqdHVMH+ewOynnNU30nDMUoTLwYxlLfaq0e7xjC7qkjEdW0sm2vSgmxfEsHiYnvlYyiLZxiVXhQmCUWb1riO/VA/Qb+PTeZWpdAIW4poR2cFgzOVN3VhksOEqulYngIodyEtdQCEirwcgMMIwXKLKS2RLpgjWxiNlv/qOeCDie0Z5esNWuKlWhhnivTvkXUfXYfBKVwwvE1SzGK6OAQrPvlhv1K+Qd0iOQHQ+9SGScsUbqPxUHSqzztHxCJKy3yTjv8j2ISAi6gEn1fIwXv1bnjHFEN9fbfyquys0V/SFocK2o9qkTSB8p+KbNBSycV4/OoVIe6EP6ULwn4gg1JNKw
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-6.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-6.exe /rawdata=U1zZa3OZF/xoAoCsnJcV1KTXTKfZRlTHEWzM9PpSDTqwUnpFvU4NmVBZsGXbukeFZq73OZv36X8QLI402deftUdd4aW3x+X3Ogpi+XD+CP00l0QeM6AX23KPd3k5B1zgsfEhfogWVG5B8xrwCufr30AH+WtVJ/SMw5yJJZdfJAJLk67iJHhuaA54HAmxSonXWjdgpB4Yx4hdCMauywUZCyev0WFZ8oeU5/IsehE7MB8fh4veZ2ePDHPkBm6VZA/fO430p/eM7rLoom11ijOlGrsIYeFrk26fypcC22D93unRUMKJrNuKe0Igm2BjDzrlQsuMq0XZ1yPSnoovMwAgf4gOz8Ss27H+g+dJNLWPj29DizYo+QWozTL3n8NBhX9rDSUHXMhx7biBf/883aDwLdtfdJdf3oazpbfZw/Y/agjkcfMrcW16Ro6yXIuvqbNd6mD7qR7YW5xXAiR43Nefcxf3RXkrgkjFEmVfE+AZToX+JVhJ0vsJRag80399am5YaDAdjAyvBXn0nmKuMcFEicYv06oOtgtzdkrC2aF6aoSWmLYg3sRFnuxAWqbJpEJe3Z++pl7Ufuo8Epjilk0nr8UWpP2Xx/oVfzIe3BI9WfjtFs6Mn7qCWYZ0a0lKAcP86ZiZOu3lmXNYf9slzmOgz7Uw+eDWA6YYp9lLHPdHKRpX8Ff8uotgPpFeU6mvYLBx7KdZ87GfxlQsMLRp3uVHUJKLAdjGctJ14b0of0mUyDxwsJ5ZH7i5ZhjkNQ8Vs/3Fkbct6wy3lYYOC/sm7MoCiDr7ge7SO0oJVJLm8vMkFYF+EfxCIH+MaTWGObicd5k8MM0WIDqxpWkQsrUkBZuWQkAi8eayPaMa2vrAkEJy0GkSKoqvNflvqT0GlbXCLmIu3YC1+fJSB6KpBlyLu+Vzi/f6wxd1cQX0gOQTB83X/8R03BtLwCS9IOIsKh/BPOwBn3w8f2TIo6O0bh7UqxcfY9uLMFqrQWBH72phaIxD3KZBh9D4FSdYKkiG79pPZHnTmIxheN6H5pyUye3ktdRbTPbkRpQWVC775bzx2Xe3633aX86sRx4MZAFkybJT1O9mn5UyrUYIeaUJvMpRmoIRKhfTzgFDAuKFSj0sztC68Q/hkkc4NKMlkonySpeOIDJkRLqZ+kJST4l6IaXf+917iEXzsFTbqrHK+VYBdHkXBZk=
C:\Windows\tasks\715ffbbf-1673-4309-a8c4-526c3012bc07-7.job - C:\Program Files (x86)\Browsers+_App+_Pro+\715ffbbf-1673-4309-a8c4-526c3012bc07-7.exe /rawdata=llC1WPXxzo8WSYJ33psKUVxkKjj8YV1CL3cIhCYKBKbg1YPKVwmUOSKCJ0z52IkwZoTDvWyf7xwmAX5Gr0qa+/KTol3WqWjiIUgefnn3l/mDwBPvWqzMqbJhBJcq24PNJwz8tY9xQ5ad3lOCqWXrzBgZsRcLjWxi88JaNBUtkfd5LDJ8UjU3VlSNKWdopEUJ81RL20c9lagkWlHrnwrrqTH5zfkxfk5lBwIV1Bs1jB0mk09q4QRFPZA1NlZvz6mrTZ1pSFXE8FjeXLSR748gvGvY4lXmBaXC6/usG4kEor4VzFRa8FoTS6exR9Iqpyw71MvvLDQA8ga+gPsAw9MrDLkf2dzs0FYcL/lGvwXNT0LeyS3xltVllLuklRQI//FcI8sbwAQ14EHjcNu2Iv5++BXjtui8T7HsK4ui2ZZdB7/e7fEb6Zmplbbq6U/VgUNXhkWxnVRGNcXf9nk6Cgrv3JmDvvwNH+7SYLjnoNLWYx1YJrwpdz8Hc2CUEhJtfBgwtp3+KrHj3GnQXNh7HsLxAaZCMQS8T1Cpny4RJ1QI+nvadkfYy79RREU19vkdHU7MSzUmN6W/OO1gwPB/0Q0Ewo5RUGeDEvGNNDpRE6UnaWW3S6+kJMy2ww518J+gcz+zoSSc/T9HL99kaIoXYlPv6Qvqwp/TNRrZTd+x6KTcMkgVb63PLgJv0+KbRH0xIt+50vUnYk3aFyEWhmWMZ+nGFjl3gvaooryRVUggKIFm1wn6ZAXRwkTCzIKFzjQ5elCop1ebH0VO3B2QuMMTah+4KJvET7rZxpGaYDhaxr++QqPJ7Qckgc6IOzN022Yv13SXvq8zGsEu4viaDIqOlHXzxhuXddI91U8EX7DbAPJJpvFhu1ywIi4UIKapLXcRSsmQLJaGpRZUHqFN/VHp9zfhq47DCu28O4NhEfYv6yL6HOWkGaf8tgANZhhc3+xV3sS5+ni3szKyrvgET2EeWHZMSaBB1PBAfDvg92TDPuBcFYzcTpgqHhnuGaQpIsvaOh+nZ7/lGEKIH4wXSv4IPbk6ktbWuf+AnIKxduWd+pBleiuiUHsfROpskrf2U9JriJh4f4TQm/URbmXFgP72tpNdP+CSkl/sQA+Keu5oYx9PZAARgXE4wNvz5+MhLu1FoX15dEcDAdkP1l0gl316B7lkAbuGqtscUuEb+xY0VFqBE3MYVqhgJA/akNUgOSZwv/LEyhLWdeIxC8YS5cLmKHqsTN0s4yPk7RO8UFSXsE4P5mpFs6ky3M637qvGu3XEx64/lydiBLQ3lpA4W3fsZJNqtTkdIbuZxhSTA0PKC8tWjmBfCBRIzSMzQ3U38fdMr5inVe1nymqRKKX29tYn6+S2Xg==
C:\Windows\tasks\800c58b7-8660-4cbc-b5ca-9f0ff3063682.job - C:\Program Files (x86)\videos+Media+Players\800c58b7-8660-4cbc-b5ca-9f0ff3063682.exe 002082 38EFC6E318A7491EBDA13769265E5304IE 64969 1411807717 93-0,102-0,104-0,184-0 videos+Media+Players
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\b529b11c-adb6-4646-90e9-ee85d6c0c4c0.job - C:\Program Files (x86)\videos+Media+Players\b529b11c-adb6-4646-90e9-ee85d6c0c4c0.exe /agentregpath='videos+Media+Players' /appid=64969 /srcid='002082' /subid='verticals-' /zdata='0' /bic=38EFC6E318A7491EBDA13769265E5304IE /verifier=f1fa1d8ee9edad575957311e22d0baa2 /installerversion=1_35_09_16 /installationtime=1411807717 /statsdomain=http://stats.newclientstaticsrv.com /errorsdomain=http://errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http://logs.newclientstaticsrv.com /runfrom='task' /externallog=''
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-1.job - C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-codedownloader.exe /rawdata=MYPLzxqd1kF4A1y8zjsrfCdvoz+a+keIBYyxaBP2JuBWCChGdVn6M78sOFTdCxcoXhAwVFyezXE68oOv64Wi1TYEpRNqfHjlo3xdPPASee9fTM0zGC5amobbJgOq5g5/WDJd+XHa66IZm0ZiTKPnrnXEC5m0NTKre5Y+crj1d2SS6WR1MRTBJ4qkgVHEs2jD1FPMn5eoYJcUyVVdxUfd1J2VkQz8Wus5vPb7fZwgQ1B9Pdjh06LhgWZt25EU5iooQOWsir/xny4xMLaD8ECv0gHvgmQ4mIMXkqHXPtqvSOH73hokv44cRwS5tc4F3W3EL+AcT+s0JJj/QFu/mfKqyXL3KUxtt4xEo1md1/OX7TUs8ZQUKd739x7o55GFnoC8606Q71e8FD9lmmf2H4Ke+IU8KiYkMHzFanYQ7opR2W+Pmj5qBYh8hd15fkHrPHD8t0P4lah0qhxMCbUpLmPIxamshbrTuFzITL/oZFQsQLZIz1Z8XJO24GwfEe1Mt2yhI2FAmzs5rvBwLFRG1rfGh6Fumwi8MRLJ2Zr7Db4dS08OGOydluUnHyc8h7rvoZ4IiI/xRfKvdcp9C18OOsg6/WPlfD4ASTdeTuHhnWAPx2apvJDJCsj865AUCYq9Y3l3neO2ucNfqoi4a+bFWhlRcdZ1rcZ+IXOb/eBKbrwgZ8PCZ/4epdiwjEmjsxut7e8LTRyhCxYlHlK8t2YK3kjlGJMCef4KQSjXrovTMBjDAexrwsedogcJp2PeJbuePqtbJjgaAT3gNL0OSAAJyxFpLZoBRQDwUXvYrPpRgvKlOxhHwFrijZIRD3VMbBsgACbmUmnh+2D7vtFiK26BgTMVChUtAbW4wk8n4OS9IM6nbpj4ABQYZZJN5BWl2HxPiPrFrmlQnZo69Syba34d1HJ6MwQ2ghOs2I6IpQzs/LVWTHmJvTcMH9rNdMO/owfHmcOijdjgM3b2+ke1WSnCgD57furAeXR6DUd7X04uyqqaQTN9sxQDAIebIF5oP2hWdge1xa8PWKdpjLOHQkJvQSa1IAwRgVQTZrhgISjJO5CEBXZU3zv9kYdSAzZwufr45OfaaL0Muw4Dj6jYUlsRmorTKjcUvZe0H55myHLh7ydu2YjbaJnjmdXGfqIFubAR/djHMh38XgPfrA4AdOD87Ed7Dc6sfCyXg5a0bjJmzMQklCY=
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-11.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-11.exe /rawdata=qDWio/NGXPTJy7vC3Fj1rCEzVz6VENpKdnaP+8Ds1BCVf8ENg7tWhY3egUaPerPPABoUlNwJ3K+RaeLbObDOFJRGUqXwSRlRirT9wPyZ8uL524PCQAiV7NOhvaBIH0ULoxUqKwnyLmKZ33GrDDI4aCM0KxUnV/1NlLxWYSvAhva18GEfTWJHm7q7F5pjZc8HPTlgwLFKObT47v/7+NGDsPy4YCP/r1AYCB3KDdLJDjGNWnNbE4rk2PrZFaXCOYfK5dGTDM7+MobgE99qr6YhH3100JHZ9kXUvTi6BxbSYJIBvGDhkvGJoDS+L1jFFKVp5e+Of12YlVvAWDVjUpMO4qznhmLTqPgwzYAV6F1JfclEfncFZgp1tNe4EtfIJMNJT624OjnA2zVC5Ibbqc346rCJW3aTjaQJQt1RWMIuYxf9ZRQiOZSPwjXJ3/de6O0HXTAOU7r7/GfjPFrrGqGGPKky9HhYT+zdFBBnCDekJ+XL4QPR0mhJoK6LrCByJo5OwoV96kB0VnoqY7zkSX5beEn+MUjoxtQ8M3sb1SJolHdPfS/uT+a6IKwo1b4cIORRnVb/CwJibk/Mtt35XSy1CuIaE15MWh5yq158R2cQrWsIL15Yqichfm4LJcgzRRXfLWEXZV7z9TMmWjWuVrSNK9ObkuasDjZoLMeXH0i046lK0nGoBQEICtQII6QyCpzJ+fbOovqQaSwuSf/GINk2Y+wSk07IBL+XysBmxEV3B+52v0/WAJc3zbMqok7rCMprkSOqmkU7dorinlPQHylHQbDFJZDAwuOkd9PUKW/DU+KB8SYTKR2rTX8k+3kwYjbLe9zP3pS3iM6PXIqR0H9dGDegbmiBpnU7lbEqE0amJLirGSaKY8VcCF+JLd8mnWxKvK6oJ3ADSXzFhGWw0StiJYMjFYKh1uio3TA4XEF0+eAzZmeMJOUmc1SMNVcQ7pG/W9PqHs74RB/t609vw0anxJp3XxXqIIQiNqLyA3MBrLt9EE2FNBl3Tl8dfvSov001LEwI7cjHfEZ6Y5no20OTJr3YoibRRojF9dKhwPJh259OCKQgFUggWp7hqfOCGuWEyAhv5Exz2zNGQRr8U7X4+6rNwYqTkA9jzQDjy2AnNYg6NlZeWrZmO9yb5Uci5LCvMUP3JdKtKkc6m7yR3cmOW6DAQtRhvCJlEB1rUN8or+UFSMEp0zpAisLAzIWnGohCB4C8WF3VBGoiGHyAqkVkBynxTAhFjBiPERr20tMJD+/zBuqgHZDM8dojHVeW5mR29IPKDtR4HWM4x4JfBzWkb6tqSEzlHq8TY0/hDxHtI1oGALJERQe3Q56BHsoZzDeEtpPffoV9CHA7Sx4+4c5aCcCnsIrTd9JK5sIw0ia9QoYDPrg4NlZmUl5FotLSTsS4GyPwONbzz7zd8IJuNO8DG3qYM+nJDVvsz3WXJjQKJoGS34cX8TthzGHblwHRzkOJBMNN8COStwG4IhXP1k2bBsLGp38IyPHPo/bujkmpTtRLDX3Ap4fwh4S0kde99YWbdde9GsG4Vu6qaEzUz0Rqlp/THJ/IEqpnnoAc4mZXyVUdiw2xKnSFMQBIrA/d7ooEKbMTYVc7rmtdw04kApAUBpMYUEZUwlsAJDEz0tS/FB/YFuhQij62mVf1wxX3thEKca5mjq9VVu/rJdtUvdmSqoKa4VbJE6iKHYBidwA1xwF+Ypgzd8V1+slQ30lIY+ifsVhP1Qz5aIVBARYNBc59GNv0XK6EV/DNLuO7cs1l+EEGDoR7HCfFsf1haQdwozeOTcE+k5YTRaJS3E7kWqZ3CKMFirVYbsXSTaGFoRSuvtswkEddT9HMSea5Qq+06kUW5KMHfFAsTG5oGJx+rQCGeE2kAgTBx17u160Ynpt70iqlefSImhEiywKsu7rPiNKVkp4w0Po53h30vA9FJv/fIYiZQJG/hSDGcr375vDG4EhbNDNkE7LdIie9/bL0vk/bPcJDEbr9c/fUGagd1niv5so+pvcHd6uGxoOkJGZTUrriu/EJvGEmW2YlNKuAqAme
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-2.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-2.exe /rawdata=Imp1TXENbRWxHDkkDf4dSLsz65qWainn3VjOAaXEots0iYs1ki0+9Mr/z4y1tB74cpqr2dIyNnV0H5PK1EIaj2mXgQdGaDuQSsrwWvZZ1mJA/2mt3jf4uIHmP5HLH8trZzDpf/scc+iRdGjLOT5K6pXqzwwuEg/fsrc6yo7VP0agXTuCrS89AgOfCnqPfXOMyX2iDEuJ4RS4VzvQupp66FsAEHalR1YXF9f6kbqmhfrcRCnQK75QmYxQs/i7BIte3HA+tMIwUsmbkTYkIQtAph9svO9ajWmAWDZujBYpjtnaYnwTdajUBGVr7vgzJ0tkvYTdsm7edKVY/g4KF3j1yamvOg8OoKc5IUAbu6CHpuMV64potMhTNCuR/de4qjiKQ4qa1mlrJtwGrYS7sM3LM4dd7sCVEuw397CGZvwuUwF/Lm14szVzHoErvRrfuovEM5yoiX7Vv3e0cfxqNICFeVN7erkVQxu+o8JrtoHQFG8RF8aYpl1/L9f3tM1PPzztF9mUdFalLE4beEwhTRlFySZUIBc7NQYaUxlpTQcFwt/gu3l5k4dZFaWU3MgUYmjuGYfZIvhNsPhfIK5FVkJEUU/3LCs91Dqjeoo/dCZlZwyppIUbRXvvyoPtUTjMkQmUHizmrxRIZuwkJ3QwyjmxKQvk63NuSYAHsRjNILj44NCmJEJCBHyzK8YZsg5ikhUR7SpVd4V1Twy9AjDLPhqIJQNixV9zPm+7fBAq5yK2ZbP0LgNt3unnAeGXAiN9Jsi2PkEngsY/eez6+vobb1+CNgoSJUBX9bFbwfLkFZDh393xiFCF9GTyh8FRsmIPzfEib1FcY+TadqedhWwjl7E9bg==
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-3.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-3.exe /rawdata=dWT0j2uOk9Dltc2jxz7aSL6sWpMRatpmu0slQXu38McJePw2FjWfsYrUOgZk/nCwer0mEVm80kSmOSRYlSh+J98HC1IDLza0yfcbp75uZsrj5MTrx/fzrVCmGmyARluiYxVE2Mht95jxtkQgzJG4DKctg64TxYn/lhBTleWVyBct/Y44Ox5E1XD55EmB6a2kJcV415RNeDjq0DgPrbp02ahoUJZQBTAMZ3Lq/RGriwwRvcwKqcbB/mkrWLjziaMVoOAft3BUDOvtup7C52l4YF8y+w/KmFsoso3Gw7CFi7s/Mfe/21Ml2gJCTkn6l3pn6lRYwrFCotEm0sSJ4NJbETbHDdQ5nyC4meX0J7xA/HLrDaF6qg8bGI33bYjp28wA/KgofY5/8Y3qSZgL07E++UaoxuJG3Els2ZWAUXZOkriK7smS6Y4Q9w4hI5FOpFEB8jU1KimvjysKWM1IvkafsRGXUUrIyI/xVj66zlOOk7aAx/FpYBTyvwJwXol3OWYuPOZDgP8r332AtVSDy5kTtjfOHH2a9lIS9+fFJTav2TFcvJjPKm+Uroh1c/iljNRqVnJP9YxIorPIJxd7aAmrEHp5nCfKCDOAkhXVmDwwcVFEH2kvnTA3SMvQXZgNcLJApMdmDZvjPJijD7PDl3bz7T+SFACQbmp7+LtvlNlt31hgbCgpOPPe3Ba8wpRLMidgdLVeHLmVffX8SV2eHMmB8p7/tQ8ggzkyMrsB2IBs9qYfgBR0VnHoEFyEGRg7fR+8j6y7ULD2+FNmC1ytRi/yGy4PWhgJZCzkue422vb7Qp7IcuEZqD0SQVr5lnQZsnEB4INM4RQnXu2lZenbC6J1FaT4W7Hj0z2F3YAXB8ywFocid/rT80Wk14Kh9jGkBQ/BQM4uWhBqg1+2bgU90IY9ICyb00vvNyJGU/tK05JGBZ/u2+u+KuvRY8hUwXcAquvqd4TphZ9APxbi7/In1/Km1zckVg9eODojxotGrZ69Ro9qB2uojy6BFco51NeWjed8Ez6ethIg3oE7tUEGAG/nlUFd5lrRMj1/padOkOYaaotVWC9bc9mZGktSJ39C6G6HtjXUt5JWoG8m5bacgTXTUEugrWD2G+ryWL+kwvDFiRJ/IdNXp8sAl18e2fXxmD6OH8UnE5hS+fhuwNPRuxdU68MB41ivb0FUB5s8Zor/lSAjSHIWoiYUq+23nYOF172+BC99utuN/jPp3WQOOYkIiHvp1FZNc1CmCJPUsUv0UipMZpM1wo0tCkYSNHFjRdkDBpXwM0P0E2MBNKCWqsJm9um4jtZlUYHg5DmLSzoNkr5xfNOPjWA2YyYyQrm6WP5A04J6mEc6d03nxGGXkvF6kg==
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-4.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-4.exe /rawdata=mEA7EH55XwRhWfSVlHLIAXf3x1DCN/k63QG0NtmL/V886Aui6ijV+4s0zZxuvPzhG7LsVbU/RC4MlL47a1YyFNcEy2INIhRJ0c4D6uhesd/kn5H+K4+iwHNVzE9hS+BRWHHFeaSXQ4Hs/fNU9Z5Hi+Qc3P99qXpn5MXTJN2ja58LlMSJmf23SxgtIwJl621u2V4+rCgyFxksiDUMX4/Hc1e8p3NSsMDe5kGzi38A7g1Bu9dk30kqpNzAH/HE/gkKFy3XUI7jmUVaZUb3GatCyNGou6J/JJZT2SpAWQbMRzO2U7NqW8aaHAuMblnYkz48DRBsuDaFZbyynzWCdD7NK2fKVBwwQmRTn+yjqSFyk6HFKTk89Hcv5HMyAJtBCDsrCjI7kO8YSGh1lWHPl2lTtgHkJlE/T34Hy93z0spCN33lSjnKqs9OPiyOeEchq0AaavUb8OAW23ezO4GwSH/Sitchh5X44lpVOwNzJ9S14CMXomOMt5XP9FXjuaCo5owsEF68zB3rImUKLNL6cz23EzUKC8VRgeSr+Dd8CXJsI4gGeK3VG7YC5TA5GGfmTWhSobe1QbMkeAiI9ZXcl0ae+4dkzgSE0csijZnB9Uo2KydIlaRWm0Yw5w1a/UXCxGxxs28GK4uGu74/2N0Krinw+4fko8bBBluJ89TL0AVjEMJNK4lkz0gIERcWshU2Rq8VpjJGJxMo1PbpRSOe1sCb0cLgZAJZElKDSYEdzlsnhA+NrDEWH/dzBRQaG702tLuI/sUcc27cLprzUD8Sv67M4CBmC+PzlhP7JRqKgequUEttukvxE2q8z5IcpSl2G2OMLLHLYeadgX/s8Hey1RAD4ErN7QO8WbdiBDtoPiG9Lbd28J0fDGfnwkjxc6T/A2N0i6UIGxIGBiOTaeZF8fE8C7dfYTQOvrEP2FGhoKyBq9KxVmu+C4JM4CyVqcKW8q71i0odA45ofrSflhseWRK1B+1VLIqS4vqEYSoOs7Ln243vj1s+W20Ut4eM4IMX2t3igsyT7UWhsjYgRESGgiziy7ZM1ykAom4s6Pr877n35yCv1YQz1yBUEIhwv6w+tfEgs3a+qgC13shrr5ejlgKNI/PluY1fyiyEM9B6SRW1JB2dlnZAI88BeMruoJ8jHBZ6zJ2YuEMTG/ADqZIbC1Gh4itG7yH1lIrPvWlZ4O7HrWBjyPpMUtJM9fulETj0zI8Ci+YT9KqQlvo0FmhnIdwZgjvg13CHHUp8oJcsXpIXzh3wTc11md21VQGK3UhGkhLYXSsU7CYYPKkP7vdDdeVuuB4E4urOTs5YbnKtAAh/sTaMUdXZEkO4fqUAotnZGbteofCTuegbALcbQxG+SAnLHyDByRIuR5c7hF6tI3Cv1ZIButRKK8AYzL5XyhXjySZ2vxGlVFobl01v+Qwpmt4lWYXK0V/xKX0LMfr223Hp2hdt6EQ7p0AKGdvTjPO2QzJvuscYE+pJov8VxK44Adq5JgGCAz3vZ0dma+V/FkpizNsZy+VLoTa8Ac2WsjJFL2DJBKrwwWbM8OR9eVpZvHQME/RttC7Qvy7TQFCYeRpeMlMMVH9s2LHIrKM9zCiCoyhWR+rnQnuucoLGsw2me3thi0H3K7YyoQwV9TGtklq7yrG5GE7bLUvM1hUb2LAlsTqR9g1KbVb06ZEvbN+S1XlLNttA+KesNOhZ8imoiOtxIqE=
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-5.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-5.exe /rawdata=nQ+2XJryNLEpyqN4Dc0UgKbHioj4VE7AYVa0STYVj1L1TUkWe/fZKWVI3IWoLxz94J+KYJ4dDdZoRSvAhmqo0sgJ/hN/h2ycN/sKEe94aQhhG9gFp66j9N1NsCAr23W+LsRDzj+JsXY266WC7lnzw06KcgDGnL+0S88lJosORLIoEhLe2PPqdFNS6Jt+ErJvL/9MUiqKqCQlOJsrADrZAzdEKYoon39NRv4HwY0xSJJTZZrEyx5mORcy039AMGm6+YelI6c0oAP4GwnY5yZFsgyr50pMlnH5lR8QxG26aDE/B/fNMcJLkfATa4/pkyExeg1Pm5YJqLzwjGCP9nkPtIY3mcKL3zjhZj9HOC77SC5v/IOnew6Qi/GpTxBlPMIiatUgBsOmjyJ2sbgO8Hv0u7cxKQP2wOIf4ncqDlccYBI1Vpg0SJsgEJ4w74DmMVJNPK16OHA6tH1rSkckDRVOvitfE6vXmNn8jBNXw0nWfReXuc58yk+FdeTy4YgcGGggWoDnHJqddVofldaFHrYKRYK7PsOiaAzElP5mlDiA71mb5D9GXW7yWLJB2mfAZ/Q8qcB4IySMXyoymaRgO/Gx6/4v0CLDx0RH4tiPmNT9jNkWzK5C9fV+2tHTXLkYNLvfqLP8d18hr4hPoJooDOESObF+fHQODkKJEfhG7tFB/6aKA4ddtEcY5RCIH0Mxgm/h+5gwIb3+bnmEdOa4flaUy2cAHUut6EKz8qEmmGcajt1Fjstrd66yAoRNA0nxz2ukMLsjHokuh0TNsSz0CMr6szYydKEJOtZH4CZ9wSCF/e+3JzkmWG2J/u0JSn2U4kSQ+mTp/sS8ua/Y4lErIzzV5x40UoGl5dehw7jDOkwZ482RLQg7ZRrMR7MBiGRfmm8OOYuOw4fZ6uyWmVSffkdN2c9oGN4spsLHSAlzZK+OebYs7XeFxd+ns+6S2vJH+DmyygUiv+8+k2lZAXA4jLCNeQddVxTWViQCy02OOczskeBlIqmZMjt9MBqu0pv+e1gs
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-5_user.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-5.exe /rawdata=nQ+2XJryNLEpyqN4Dc0UgKbHioj4VE7AYVa0STYVj1L1TUkWe/fZKWVI3IWoLxz94J+KYJ4dDdZoRSvAhmqo0sgJ/hN/h2ycN/sKEe94aQhhG9gFp66j9N1NsCAr23W+LsRDzj+JsXY266WC7lnzw06KcgDGnL+0S88lJosORLIoEhLe2PPqdFNS6Jt+ErJvL/9MUiqKqCQlOJsrADrZAzdEKYoon39NRv4HwY0xSJJTZZrEyx5mORcy039AMGm6+YelI6c0oAP4GwnY5yZFsgyr50pMlnH5lR8QxG26aDE/B/fNMcJLkfATa4/pkyExeg1Pm5YJqLzwjGCP9nkPtIY3mcKL3zjhZj9HOC77SC5v/IOnew6Qi/GpTxBlPMIiatUgBsOmjyJ2sbgO8Hv0u7cxKQP2wOIf4ncqDlccYBI1Vpg0SJsgEJ4w74DmMVJNPK16OHA6tH1rSkckDRVOvitfE6vXmNn8jBNXw0nWfReXuc58yk+FdeTy4YgcGGggWoDnHJqddVofldaFHrYKRYK7PsOiaAzElP5mlDiA71mb5D9GXW7yWLJB2mfAZ/Q8qcB4IySMXyoymaRgO/Gx6/4v0CLDx0RH4tiPmNT9jNkWzK5C9fV+2tHTXLkYNLvfqLP8d18hr4hPoJooDOESObF+fHQODkKJEfhG7tFB/6aKA4ddtEcY5RCIH0Mxgm/h+5gwIb3+bnmEdOa4flaUy2cAHUut6EKz8qEmmGcajt1Fjstrd66yAoRNA0nxz2ukMLsjHokuh0TNsSz0CMr6szYydKEJOtZH4CZ9wSCF/e+3JzkmWG2J/u0JSn2U4kSQ+mTp/sS8ua/Y4lErIzzV571xKKqj577gyLvNjjIoqd2n0V4cL6pnVL2mGoNAGidvPC1B7DO6+oQZ/iCrRik8Sx2tGJ2K4/nPmsLXtLSB2MZXUOlBxyEREzFcmtWc5ezeQazHOcM2z6P97vE9jvTTwBaWejkS7f2qduPb2NS44mo49xT8gjV5Gz+pbaxEV7p9
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-6.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-6.exe /rawdata=QPysLGd9WeWrCSv28XyYhFZF150E4vpsjj9nsEGT59b5EDYUVCO6FeJH+RS20v6j/H18HsEuoDE2rG+ihhwNnNa4pChLEG0pg0Z2aHLS/7K+mxPEBfoNtCTGqgUcjkPA96bVxp6ih7tXAPtehigLA6XQi3Yt4IsrDyTs1rzETxGuUow+Orcq9pkFoAdcVM4timIC+58ufko1+gZmyQ7SMr3XitrqhcB0o9h7/45VC9j6dpMYGMLEQaxmcyOBb/dQm5ZDVBGtX7c8vWz8V8Mk6yNz/nuifKA3wxhcxWs/fSeYxEOu+bMe+TdGbSc0AmSuMR4WrngNicCp0zM0MKksinK72yTJSLQgz12CN/lL5ZWvIvBd/+cMSZWgZq7d1qgl4qbFFeCezXfEODBikYwHFln1Rs0scPMV33Yxx5EV5GzcDUhe+I2PjKu8HO2tMSjZBv48yeEJTAR4IR0Zjlc4DyH6vo/8cFZ7WDM6ZFv8623xRL3L8iB7Nz1Dv+P5VUCPjRwEVxpeYqr85wOF9pitn6/piHxUdi+XHzQ2vhoej/Xsi6Hdd2P71UrkKuO6kuuTlqmgyG9AaHAjD0v23FDDZ6Cak1HDPqStbsDyY7RJz3Xh5hGQ5+DCvrnCVpCJAK/Zyx1BTqN0y6B0vvMq6jsFcZ+OHr//xkL7GBE9OamDIeeypy4Z0xJZhWd8fLNbgmXjaVTRweBKVgLMskfcuIzQpQtlQBTCPF7kJd+LaQPrA1Hdeq1RiP+hWxY3FqOUxQ67+5egU/QQZYL4UmAEiValiqtWNpOKeSVzsc1T5j74qcDxz+s9qdYSq6sCXu87NJio9W7uGzgJLzypyESW6f1PWRR0PfdYmzkL8y3QF6hkje3JUKtV4ZzT4+fmCnEtSV3baBdFXNRFGOJ8Su/MosbbX5UDULxUTNM45rV65iPjntR1CzVtjrXEBb1M1uIDyMp1sBwV3YacXTd3+4wiJnDsAgNhojArQEIONiKfneB6UgN48fy6M1jx0gFexVJpYZpvcpXnOITyTY2NC8BVMMP/6Q2OVS4mxLf1tRh4e5l3L2NUybFQ1gQHgrOoImMKbw0Ii/7msLwB0w0Y2UZ4wy9gUM2yBdsZRKAsHN1J1bJYJcDklXbLDGO+2QFzvDom3Z5zRmJp5G43LkqhqJcuAjolVYZcr1urCmYfpVf2aAV71zA=
C:\Windows\tasks\bda313f9-2dd8-482a-866a-2af430c8f6d7-7.job - C:\Program Files (x86)\videos+Media+Players\bda313f9-2dd8-482a-866a-2af430c8f6d7-7.exe /rawdata=oMMmSOwEFrsyZk7kK3huQIBHl/GoYVC07yERDmFqsmRx6mhXVJNzeTCUWIsGQE+elrCnlCMdy5Fru0sGF47az/u9/2W7M1qOBdMJeI9B9JoYHBJduR8eBeTdQ0dhPCZDfUTCj0s9l3uFHHe4vlUGd1VPT2lUDi7XW68Vs8ET6X0ba2KzObEUDZmHFLW1aBhWliWB6Pi+FjF0kr7LWzVrhuf3X/0VslAm+9sVAh+39xlEO5+MN5e6t1mdL/+/mlF+htpYFiMdT9C1pNYK7QHJjs1xwj3pC7Ot2XBEc/13du8XZNeNN20naaCVkvKgqU73T51B4gUVMeZWrfnnwJH20308AH3O6UHIgONdbqqg4Wi4G4KOOnUZHIoTwetRkdY9el81tRdPWntZ3ByJkvf6kSAE534B59eIG54x5aqzP2u/DbOOak9FYLVKXkFHAfaAwXjEiR0PNCbH3o+JsfLIslg9ovHd0XfsP26GV28drIgupIv0I7ygfHed2wAXGAO7ho9Ak0PP+0yp2OGctUrU7Hw30sqyWs/iorFkVO819tyuHjczBRzWVxKPEs3kCLciYwcyAnscR8iuGZne/33xVbReF40uV2j2T70rYT6Jy33o627e6Etm+uJuH82zeTMJpeTFQR78C5JYKRh65naohXDmf6ubmdjime0XCNIfe/oS8Ijn+9G7uC0yvFMTlHVl1ErXYs81IqoCq1mM1q8lSIB4Ls3I2sCGH3EgDW5GnihYABfixU6CjYRl1gEBXtn3sfzKfuG/E0fZD32MqEoEU36wbxWTHQaiIfW350kNWKJ2f1aQZFthTf1uJgUewM7H8pwhG0XEji9LF8clnquQ9F7whOaOpplld0wSP74cNvQDykiDcU3X3Zi/fnMnimvNIiXDQ3Ez9CxxVIkjkNGf3PjgCm77QPGWWYZe97178Bh0JISI65BdCmXhjCJjs9N78YCPqYYjMoYKGo97zjpilazCqJjt63RNlEy4HRJrf77nfWSQq7bHAiS9cbNzReohpcVhSQRS5QmSwifEwdOs1XhOfOXaGRH1ALRESdMBmgbXXGhLwrrXrJLfhPp9518NNMTQoRI3HkwJ1zevV6mwN2F+R7waXG/zsagnsIrJHjlLRGFISBmUS8qHqirrP+rWL/5Tp+FwfxW+9RHTff2wYUtSlmc957SnmmNHt3ph2zWTb8UcySQ2fs//XAD4MKPGqB5j/lpA+06ZWHwJGTQLxfvEhEcb2hTE1xA/z6i71Ap2scA9cWZIdIITtskqJq40irsN8lzz3Rdd9ckZ05/VYsub9v+f2z3EKeQ14RiGFZ01mBP5zOZFMS2Ue5k/zup6LXBDbQzCBQLKNRc7ggvEw8ePj3qO+xP2iwBlL0g0rCQdxbvN3Y1C6mWWYr8+qOvjdwwfeDDuRj+6f42d30aJ0V2oVgOFOsL+VxfodTG+sCVBICESuXTzKsAcKSJRLs7zNuRMHkMFETMtHn6u4mZjnmdUf47gQJZ2bDr2IVlyc4DW0ijHnQ6k4R1FlUYlIpFH
C:\Windows\tasks\f1e6ac8b-0a6a-4ed1-b271-43f2601817d6.job - C:\Program Files (x86)\Browsers+_App+_Pro+\f1e6ac8b-0a6a-4ed1-b271-43f2601817d6.exe 002142 585DE3547A5C45F09563DFB4A0D315EDIE 65055 1411807705 93-0,102-0,104-0,184-0 Browsers+_App+_Pro+
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PennyBee.job - C:\Users\Domaci\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE /Check

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}]
videos+Media+Players - C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-bho64.dll [2014-09-27 792480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}]
Browsers+_App+_Pro+ - C:\Program Files (x86)\Browsers+_App+_Pro+\Browsers+_App+_Pro+-bho64.dll [2014-09-27 792480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19396791-184A-2478-0E65-6F9922C64E28}]
Saferweb - C:\ProgramData\Saferweb\OaT.x64.dll [2014-10-19 712192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-14 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-14 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}]
videos+Media+Players - C:\Program Files (x86)\videos+Media+Players\videos+Media+Players-bho.dll [2014-09-27 584096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}]
Browsers+_App+_Pro+ - C:\Program Files (x86)\Browsers+_App+_Pro+\Browsers+_App+_Pro+-bho.dll [2014-09-27 584096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19396791-184A-2478-0E65-6F9922C64E28}]
Saferweb - C:\ProgramData\Saferweb\OaT.dll [2014-10-19 632832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-10-24 514016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}]
Klip Pal - C:\Program Files (x86)\Klip Pal\KlipPalbho.dll [2014-10-24 250096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx.dll [2014-06-04 114952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ccb24e92-62c4-4c53-95d2-65f9eed476bc} - MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx64.dll [2014-06-04 127240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ccb24e92-62c4-4c53-95d2-65f9eed476bc} - MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx.dll [2014-06-04 114952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"OfferBoulevard"=C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe [2014-09-09 378888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-25 16:43:51 ----D---- C:\Program Files\trend micro
2014-10-25 16:43:48 ----D---- C:\rsit
2014-10-25 16:36:46 ----D---- C:\Program Files (x86)\Microsoft Security Client
2014-10-25 16:36:43 ----D---- C:\Program Files\Microsoft Security Client
2014-10-25 16:36:35 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-25 16:36:35 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-24 19:15:24 ----A---- C:\Windows\system32\drivers\{3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64.sys
2014-10-24 18:18:39 ----D---- C:\Fraps
2014-10-24 18:15:06 ----D---- C:\ProgramData\IePluginServices
2014-10-24 18:14:59 ----D---- C:\Program Files (x86)\SupTab
2014-10-24 18:14:52 ----D---- C:\ProgramData\WindowsMangerProtect
2014-10-24 18:14:36 ----D---- C:\Users\Domaci\AppData\Roaming\webssearches
2014-10-24 18:13:22 ----D---- C:\Program Files (x86)\Klip Pal
2014-10-24 17:22:02 ----D---- C:\ProgramData\LizardSales
2014-10-19 20:45:18 ----D---- C:\ProgramData\4a9087abc83c2e4b
2014-10-19 20:45:05 ----D---- C:\ProgramData\Saferweb
2014-10-19 20:24:55 ----D---- C:\ProgramData\Performance Optimizer
2014-10-16 19:15:00 ----D---- C:\Windows\Minidump
2014-10-13 15:07:31 ----D---- C:\Users\Domaci\AppData\Roaming\OpenOffice
2014-10-13 14:25:16 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-09-27 15:13:00 ----D---- C:\ProgramData\374311380
2014-09-27 10:56:53 ----D---- C:\Users\Domaci\AppData\Roaming\WinRAR
2014-09-27 10:56:45 ----D---- C:\Program Files\WinRAR
2014-09-27 10:48:49 ----D---- C:\ProgramData\EmailNotifier
2014-09-27 10:48:45 ----D---- C:\Program Files (x86)\videos+Media+Players
2014-09-27 10:48:34 ----D---- C:\Program Files (x86)\globalUpdate
2014-09-27 10:48:33 ----D---- C:\Program Files (x86)\Browsers+_App+_Pro+
2014-09-27 10:48:24 ----D---- C:\Program Files (x86)\mystarttb
2014-09-27 10:47:29 ----D---- C:\Program Files (x86)\HaoZip
2014-09-27 10:47:12 ----D---- C:\Users\Domaci\AppData\Roaming\PennyBee
2014-09-27 10:47:08 ----D---- C:\Program Files (x86)\OfferBoulevard

======List of files/folders modified in the last 1 month======

2014-10-25 16:44:24 ----D---- C:\Windows\Temp
2014-10-25 16:43:51 ----RD---- C:\Program Files
2014-10-25 16:42:40 ----SHD---- C:\System Volume Information
2014-10-25 16:38:31 ----A---- C:\Windows\win.ini
2014-10-25 16:38:07 ----D---- C:\Windows\winsxs
2014-10-25 16:38:03 ----D---- C:\Windows\system32\config
2014-10-25 16:37:16 ----D---- C:\Windows\system32\drivers
2014-10-25 16:37:09 ----D---- C:\Windows
2014-10-25 16:37:02 ----SHD---- C:\Windows\Installer
2014-10-25 16:36:49 ----D---- C:\Windows\system32\catroot
2014-10-25 16:36:46 ----SD---- C:\ProgramData\Microsoft
2014-10-25 16:36:46 ----RD---- C:\Program Files (x86)
2014-10-25 14:08:11 ----D---- C:\Windows\Prefetch
2014-10-25 11:51:10 ----D---- C:\Windows\System32
2014-10-25 11:51:10 ----D---- C:\Windows\inf
2014-10-25 11:51:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-24 21:53:31 ----D---- C:\Windows\system32\Tasks
2014-10-24 21:23:40 ----D---- C:\Users\Domaci\AppData\Roaming\.minecraft
2014-10-24 20:43:53 ----HD---- C:\ProgramData
2014-10-24 20:15:20 ----D---- C:\Windows\system32\GroupPolicy
2014-10-24 18:16:47 ----D---- C:\Windows\SysWOW64
2014-10-16 19:21:15 ----D---- C:\Program Files (x86)\Opera
2014-10-13 14:25:34 ----RSD---- C:\Windows\assembly
2014-10-13 14:25:20 ----RSD---- C:\Windows\Fonts
2014-10-13 13:47:22 ----D---- C:\Windows\system32\catroot2
2014-10-13 13:43:03 ----D---- C:\Windows\system32\wdi
2014-10-09 14:55:31 ----D---- C:\Windows\Tasks
2014-09-27 15:49:16 ----SD---- C:\Users\Domaci\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 {3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64;{3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64; C:\Windows\system32\drivers\{3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64.sys [2014-10-24 48784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 892cc6a3;Performance Optimizer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-10-24 714208]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 OfferBoulevard;OfferBoulevard service; C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe [2014-09-09 23040]
R2 Update Klip Pal;Update Klip Pal; C:\Program Files (x86)\Klip Pal\updateKlipPal.exe [2014-10-25 523504]
R2 Util Klip Pal;Util Klip Pal; C:\Program Files (x86)\Klip Pal\bin\utilKlipPal.exe [2014-10-25 523504]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-10-24 488960]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-27 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-27 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Mate tam celou zoo i s babkou pokladni

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Tu vkládam nejdříve log ADWcleaner.
=====================================
# AdwCleaner v4.001 - Report created 25/10/2014 at 17:25:49
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : Domaci - DOMACI-PC
# Running from : C:\Users\Domaci\Desktop\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : Update Klip Pal
[#] Service Deleted : Util Klip Pal
Service Deleted : {3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\374311380
[!] Folder Deleted : C:\Program Files (x86)\globalUpdate
[!] Folder Deleted : C:\Users\Domaci\AppData\Local\globalUpdate
[!] Folder Deleted : C:\ProgramData\IePluginServices
[!] Folder Deleted : C:\Program Files (x86)\mystarttb
[!] Folder Deleted : C:\Users\Domaci\AppData\LocalLow\mystarttb
[!] Folder Deleted : C:\Users\Domaci\Documents\Optimizer Pro
[!] Folder Deleted : C:\Users\Domaci\AppData\Roaming\PennyBee
[!] Folder Deleted : C:\ProgramData\Performance Optimizer
[!] Folder Deleted : C:\Program Files (x86)\SupTab
[!] Folder Deleted : C:\Users\Domaci\AppData\Roaming\webssearches
[!] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[!] Folder Deleted : C:\Program Files (x86)\OfferBoulevard
[!] Folder Deleted : C:\ProgramData\Saferweb
[!] Folder Deleted : C:\Program Files (x86)\Browsers+_App+_Pro+
[!] Folder Deleted : C:\Program Files (x86)\videos+Media+Players
[!] Folder Deleted : C:\Program Files (x86)\Klip Pal
[!] Folder Deleted : C:\Users\Domaci\AppData\Local\Temp\Klip Pal
[!] Folder Deleted : C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh
[!] Folder Deleted : C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[!] Folder Deleted : C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\meplkhdfhmfdnnhlhpikjmdmhkfadehd
File Deleted : C:\Windows\System32\\drivers\{3d0ff4a0-421f-4b33-a4ec-b4f95b34c8de}Gw64.sys

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : LaunchSignup
Task Deleted : PennyBee
Task Deleted : 309a467d-57db-44f8-b51f-9766f20ef82e
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-1
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-11
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-2
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-3
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-4
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-5
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-5_user
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-6
Task Deleted : 715ffbbf-1673-4309-a8c4-526c3012bc07-7
Task Deleted : 800c58b7-8660-4cbc-b5ca-9f0ff3063682
Task Deleted : b529b11c-adb6-4646-90e9-ee85d6c0c4c0
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-1
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-11
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-2
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-3
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-4
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-5
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-5_user
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-6
Task Deleted : bda313f9-2dd8-482a-866a-2af430c8f6d7-7
Task Deleted : f1e6ac8b-0a6a-4ed1-b271-43f2601817d6

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Domaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_v5_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_v5_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\saaferweb.saaferweb
Key Deleted : HKLM\SOFTWARE\Classes\saaferweb.saaferweb.1.8
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Klip Pal
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_3d-rad-free_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_3d-rad-free_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fraps_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fraps_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644494469}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644504455}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{26118726-ae46-4b8d-81c0-75dc986a7c1a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D4A4BC-F7CD-436E-B1FA-25637BA0F5BE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCB24E92-62C4-4C53-95D2-65F9EED476BC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19396791-184A-2478-0E65-6F9922C64E28}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCB24E92-62C4-4C53-95D2-65F9EED476BC}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D4A4BC-F7CD-436E-B1FA-25637BA0F5BE}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\PennyBee
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\Klip Pal
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\mystarttb
Key Deleted : HKCU\Software\AppDataLow\Software\Browsers+_App+_Pro+
Key Deleted : HKCU\Software\AppDataLow\Software\videos+Media+Players
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Email Notifier
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\mystarttb
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Browsers+_App+_Pro+
Key Deleted : HKLM\SOFTWARE\videos+Media+Players
Key Deleted : HKLM\SOFTWARE\Klip Pal
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PennyBee
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystarttb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsers+_App+_Pro+
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videos+Media+Players
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Klip Pal
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\perfor~1\perfor~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [24338 octets] - [25/10/2014 17:24:19]
AdwCleaner[S0].txt - [22577 octets] - [25/10/2014 17:25:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22638 octets] ##########

Pokracujte Zoekem

... a teď zoek:
===============================

Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Domaci on so 25. 10. 2014 at 17:41:10,79.
Microsoft Windows 7 Professional 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Domaci\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25. 10. 2014 17:42:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OfferBoulevard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\OfferBoulevard deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Launcher.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~3\374311380 deleted
C:\PROGRA~3\4a9087abc83c2e4b deleted
C:\PROGRA~3\EmailNotifier deleted
C:\Users\Domaci\AppData\Local\ICSharpCode.net deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ICSharpCode.net deleted
C:\Users\Domaci\Downloads\iLividSetup-r423-n-bc.exe deleted
C:\Users\Domaci\Downloads\SoftonicDownloader_for_3d-rad-free.exe deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Domaci\Desktop\amddriverdownloader.exe deleted
"C:\PROGRA~2\Windows Portable Devices" deleted

==== Chromium Look ======================

Docs - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
epanfjkfahimkgomnigadpkobaefekcd - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd
hdmbinomkfhmgknkoicejolfdfjeajmk - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmbinomkfhmgknkoicejolfdfjeajmk
Browsers+_App+_Pro+ - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
videos+Media+Players - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab
IP to Location - Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgjnhglhidbpdjbabpaglmpfofcidnm
Browsers+_App+_Pro+ - Domaci\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
videos+Media+Players - Domaci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh

==== Chromium Startpages ======================

C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.mystart.com/?pr=vmn&id=mysta ... 8&src=5108",
"startup_urls": [ "http://www.mystart.com/?pr=vmn&id=mysta ... 8&src=5108" ],


==== Chromium Fix ======================

C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgjnhglhidbpdjbabpaglmpfofcidnm deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdgjnhglhidbpdjbabpaglmpfofcidnm_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdgjnhglhidbpdjbabpaglmpfofcidnm_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0 deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hoidflomjnnnbiemmkjdjkkialmhbago deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_hoidflomjnnnbiemmkjdjkkialmhbago_0 deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\hoidflomjnnnbiemmkjdjkkialmhbago deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mclkkofklkfljcocdinagocijmpgbhab_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mclkkofklkfljcocdinagocijmpgbhab_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mclkkofklkfljcocdinagocijmpgbhab_0 deleted successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mclkkofklkfljcocdinagocijmpgbhab deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kjpifmjicccpbkfjdkehimhgklfkbanh_0.localstorage deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kjpifmjicccpbkfjdkehimhgklfkbanh_0.localstorage-journal deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_kjpifmjicccpbkfjdkehimhgklfkbanh_0 deleted successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\kjpifmjicccpbkfjdkehimhgklfkbanh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Domaci\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OfferBoulevard deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Domaci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Domaci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Domaci\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=489 folders=81 13642527 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Domaci\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Domaci\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Domaci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on so 25. 10. 2014 at 18:15:56,89 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Díky, vkládám log FSRT, a pťikládám zabalené Addition.
=========================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Domaci (administrator) on DOMACI-PC on 25-10-2014 18:35:13
Running from C:\Users\Domaci\Desktop
Loaded Profile: Domaci (Available profiles: Domaci)
Platform: Windows 7 Professional (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
() C:\Program Files (x86)\Opera\25.0.1614.50\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
(forum.viry.cz) C:\Users\Domaci\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.sk/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0F3D37E8DBCDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-11]
CHR Extension: (epanfjkfahimkgomnigadpkobaefekcd) - C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-10-03]
CHR Extension: (hdmbinomkfhmgknkoicejolfdfjeajmk) - C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmbinomkfhmgknkoicejolfdfjeajmk [2014-10-02]
CHR Extension: (Peněženka Google) - C:\Users\Domaci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 18:35 - 2014-10-25 18:35 - 00006759 _____ () C:\Users\Domaci\Desktop\FRST.txt
2014-10-25 18:34 - 2014-10-25 18:35 - 00000000 ____D () C:\FRST
2014-10-25 18:33 - 2014-10-25 18:33 - 02112512 _____ (Farbar) C:\Users\Domaci\Desktop\FRST64.exe
2014-10-25 18:31 - 2014-10-25 18:31 - 00112640 _____ (forum.viry.cz) C:\Users\Domaci\Desktop\FRSTLauncher.exe
2014-10-25 17:50 - 2014-10-25 17:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-25 17:42 - 2014-10-25 18:15 - 00013857 _____ () C:\zoek-results.log
2014-10-25 17:41 - 2014-10-25 17:49 - 00000000 ____D () C:\zoek_backup
2014-10-25 17:40 - 2014-09-09 07:36 - 01290240 _____ () C:\Users\Domaci\Desktop\zoek.exe
2014-10-25 17:39 - 2014-10-25 17:39 - 04114148 _____ () C:\Users\Domaci\Downloads\zoek.zip
2014-10-25 17:38 - 2014-10-25 17:38 - 00000680 _____ () C:\Users\Domaci\Desktop\zoek.htm
2014-10-25 17:29 - 2014-10-25 17:29 - 01962496 _____ () C:\Users\Domaci\Downloads\adwcleaner_4.001.exe
2014-10-25 17:24 - 2014-10-25 17:26 - 00000000 ____D () C:\AdwCleaner
2014-10-25 17:22 - 2014-10-25 17:22 - 01962496 _____ () C:\Users\Domaci\Desktop\adwcleaner_4.001.exe
2014-10-25 16:48 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-25 16:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-25 16:48 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-25 16:48 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-25 16:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-25 16:48 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-25 16:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-25 16:47 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-25 16:47 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\rsit
2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\Program Files\trend micro
2014-10-25 16:37 - 2014-10-25 16:37 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-10-25 16:37 - 2014-10-25 16:37 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-25 16:36 - 2014-10-25 16:37 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-25 16:36 - 2014-10-25 16:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-25 16:36 - 2010-04-09 13:06 - 01898376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-25 16:36 - 2010-04-09 13:06 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-10-25 16:33 - 2014-10-25 16:34 - 14108320 _____ (Microsoft Corporation) C:\Users\Domaci\Downloads\mseinstall (1).exe
2014-10-25 16:32 - 2014-10-25 16:32 - 01222144 _____ () C:\Users\Domaci\Downloads\RSITx64.exe
2014-10-25 16:03 - 2014-10-25 16:09 - 00000000 ____D () C:\Users\Domaci\Desktop\PROGRAMY
2014-10-24 21:53 - 2014-10-24 21:53 - 00003142 _____ () C:\Windows\System32\Tasks\FRAPS
2014-10-24 21:23 - 2014-10-24 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-24 21:22 - 2014-10-24 21:22 - 02624102 _____ () C:\Users\Domaci\Downloads\Beepa.Fraps.v3.5.9. Elite48x.rar
2014-10-24 20:43 - 2014-10-25 17:56 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-24 18:18 - 2014-10-25 09:51 - 00000000 ____D () C:\Fraps
2014-10-24 18:15 - 2014-10-24 18:15 - 07463237 _____ () C:\Users\Domaci\Downloads\OBS_0_637b_Installer.exe
2014-10-24 17:22 - 2014-10-24 17:22 - 00000000 ____D () C:\ProgramData\LizardSales
2014-10-21 21:25 - 2014-10-21 21:26 - 05933836 _____ () C:\Users\Domaci\Downloads\huzuni new.zip
2014-10-16 19:15 - 2014-10-16 19:15 - 00276088 _____ () C:\Windows\Minidump\101614-11575-01.dmp
2014-10-16 19:15 - 2014-10-16 19:15 - 00000000 ____D () C:\Windows\Minidump
2014-10-16 19:14 - 2014-10-16 19:14 - 324505724 _____ () C:\Windows\MEMORY.DMP
2014-10-13 21:35 - 2014-10-13 21:36 - 00000000 ____D () C:\Users\Domaci\Desktop\ANJ
2014-10-13 15:07 - 2014-10-13 15:07 - 00000000 ____D () C:\Users\Domaci\AppData\Roaming\OpenOffice
2014-10-13 14:25 - 2014-10-13 14:25 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-10-13 14:25 - 2014-10-13 14:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-10-13 13:47 - 2014-10-13 13:47 - 00000000 ____D () C:\Users\Domaci\Desktop\OpenOffice 4.1.1 (cs) Installation Files
2014-10-08 21:14 - 2014-10-08 21:14 - 00000692 _____ () C:\Users\Domaci\Desktop\ftgfg.cmp
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\Users\Domaci\AppData\Roaming\WinRAR
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-27 10:55 - 2014-09-27 10:55 - 01922688 _____ () C:\Users\Domaci\Downloads\winrar-x64-511.exe
2014-09-27 10:47 - 2014-10-05 21:42 - 00000000 ____D () C:\Users\Domaci\Desktop\minecraft annihilation server
2014-09-27 10:47 - 2014-09-27 10:47 - 00000000 ____D () C:\Program Files (x86)\HaoZip
2014-09-25 20:42 - 2014-09-25 20:47 - 135170802 _____ () C:\Users\Domaci\Downloads\oo-setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 18:34 - 2014-09-11 20:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-25 18:27 - 2014-09-11 20:06 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-25 18:23 - 2014-09-11 20:06 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-25 18:18 - 2014-09-11 20:06 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-25 18:18 - 2014-09-11 20:06 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-25 18:16 - 2014-09-10 15:54 - 00386996 _____ () C:\Windows\WindowsUpdate.log
2014-10-25 18:08 - 2009-07-14 06:51 - 00030110 _____ () C:\Windows\setupact.log
2014-10-25 18:03 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-25 18:03 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-25 18:01 - 2009-07-14 17:18 - 00657598 _____ () C:\Windows\system32\perfh005.dat
2014-10-25 18:01 - 2009-07-14 17:18 - 00139284 _____ () C:\Windows\system32\perfc005.dat
2014-10-25 18:01 - 2009-07-14 07:13 - 01575230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-25 17:56 - 2014-09-11 20:30 - 00005670 _____ () C:\Windows\PFRO.log
2014-10-25 17:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-25 17:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-10-25 17:26 - 2014-09-10 14:20 - 00000925 _____ () C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-25 17:26 - 2014-09-10 14:20 - 00000857 _____ () C:\Users\Domaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-25 16:38 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-10-24 21:23 - 2014-09-14 15:12 - 00000000 ____D () C:\Users\Domaci\AppData\Roaming\.minecraft
2014-10-16 19:21 - 2014-09-11 18:20 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410452434
2014-10-16 19:21 - 2014-09-11 18:20 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-13 20:08 - 2014-09-11 19:18 - 00063568 _____ () C:\Users\Domaci\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 19:32 - 2009-07-14 06:45 - 00292832 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 11:29




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:390.62 GB) (Free:362.09 GB) NTFS
Drive d: () (Fixed) (Total:540.79 GB) (Free:540.68 GB) NTFS

Available physical RAM: 2712.55 MB
Total physical RAM: 4093.55 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5A7A687E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Domaci\Desktop" je 167 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0F3D37E8DBCDCF01
  
  S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service
  
  C:\Program Files (x86)\OfferBoulevard
  2014-10-25 18:35 - 2014-10-25 18:35 - 00006759 _____ () C:\Users\Domaci\Desktop\FRST.txt
  2014-10-25 18:31 - 2014-10-25 18:31 - 00112640 _____ (forum.viry.cz) C:\Users\Domaci\Desktop\FRSTLauncher.exe
  2014-10-25 17:50 - 2014-10-25 17:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-10-25 17:42 - 2014-10-25 18:15 - 00013857 _____ () C:\zoek-results.log
  2014-10-25 17:41 - 2014-10-25 17:49 - 00000000 ____D () C:\zoek_backup
  2014-10-25 17:40 - 2014-09-09 07:36 - 01290240 _____ () C:\Users\Domaci\Desktop\zoek.exe
  2014-10-25 17:39 - 2014-10-25 17:39 - 04114148 _____ () C:\Users\Domaci\Downloads\zoek.zip
  2014-10-25 17:38 - 2014-10-25 17:38 - 00000680 _____ () C:\Users\Domaci\Desktop\zoek.htm
  2014-10-25 17:29 - 2014-10-25 17:29 - 01962496 _____ () C:\Users\Domaci\Downloads\adwcleaner_4.001.exe
  2014-10-25 17:24 - 2014-10-25 17:26 - 00000000 ____D () C:\AdwCleaner
  2014-10-25 17:22 - 2014-10-25 17:22 - 01962496 _____ () C:\Users\Domaci\Desktop\adwcleaner_4.001.exe
  2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\rsit
  2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\Program Files\trend micro
  2014-10-25 16:32 - 2014-10-25 16:32 - 01222144 _____ () C:\Users\Domaci\Downloads\RSITx64.exe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Vkládám Fixlog.txt, co se vytvoťil na ploše:
======================================
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2014
Ran by Domaci at 2014-10-25 18:57:58 Run:1
Running from C:\Users\Domaci\Desktop
Loaded Profile: Domaci (Available profiles: Domaci)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0F3D37E8DBCDCF01

S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service

C:\Program Files (x86)\OfferBoulevard
2014-10-25 18:35 - 2014-10-25 18:35 - 00006759 _____ () C:\Users\Domaci\Desktop\FRST.txt
2014-10-25 18:31 - 2014-10-25 18:31 - 00112640 _____ (forum.viry.cz) C:\Users\Domaci\Desktop\FRSTLauncher.exe
2014-10-25 17:50 - 2014-10-25 17:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-25 17:42 - 2014-10-25 18:15 - 00013857 _____ () C:\zoek-results.log
2014-10-25 17:41 - 2014-10-25 17:49 - 00000000 ____D () C:\zoek_backup
2014-10-25 17:40 - 2014-09-09 07:36 - 01290240 _____ () C:\Users\Domaci\Desktop\zoek.exe
2014-10-25 17:39 - 2014-10-25 17:39 - 04114148 _____ () C:\Users\Domaci\Downloads\zoek.zip
2014-10-25 17:38 - 2014-10-25 17:38 - 00000680 _____ () C:\Users\Domaci\Desktop\zoek.htm
2014-10-25 17:29 - 2014-10-25 17:29 - 01962496 _____ () C:\Users\Domaci\Downloads\adwcleaner_4.001.exe
2014-10-25 17:24 - 2014-10-25 17:26 - 00000000 ____D () C:\AdwCleaner
2014-10-25 17:22 - 2014-10-25 17:22 - 01962496 _____ () C:\Users\Domaci\Desktop\adwcleaner_4.001.exe
2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\rsit
2014-10-25 16:43 - 2014-10-25 16:44 - 00000000 ____D () C:\Program Files\trend micro
2014-10-25 16:32 - 2014-10-25 16:32 - 01222144 _____ () C:\Users\Domaci\Downloads\RSITx64.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\OfferBoulevard => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
892cc6a3 => Service deleted successfully.
"C:\Program Files (x86)\OfferBoulevard" => File/Directory not found.
C:\Users\Domaci\Desktop\FRST.txt => Moved successfully.
C:\Users\Domaci\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Domaci\Desktop\zoek.exe => Moved successfully.
C:\Users\Domaci\Downloads\zoek.zip => Moved successfully.
C:\Users\Domaci\Desktop\zoek.htm => Moved successfully.
C:\Users\Domaci\Downloads\adwcleaner_4.001.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Domaci\Desktop\adwcleaner_4.001.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Domaci\Downloads\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 7.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Fajn, jak se chova PC??

Popisované problémy zmizely.
Je to konec procedúry???
Jestli áno tak vřelé díky.

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse