The VirusTotal test went completely fine, and I am attaching the log from zoek.exe:
Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Adam on so 13.12.2014 at 17:57:53,05.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adam\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
13.12.2014 18:01:03 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\TomTom DesktopSuite deleted successfully
C:\Program Files\Blender Foundation deleted successfully
C:\Program Files\Soluto deleted successfully
C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Twilight deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\Adam\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\Adam\AppData\Roaming\update_tc deleted successfully
C:\Users\Adam\AppData\Local\CrashDumps deleted successfully
C:\Users\Adam\AppData\Local\RefSrcSymbols deleted successfully
C:\Users\Adam\AppData\Local\SymbolSourceSymbols deleted successfully
C:\Users\Adam\AppData\Local\VirtualStore deleted successfully
C:\Users\Adam\AppData\Local\WarThunder deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\5hln6vgf.default-1393747057061
user.js not found
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----
prefs_13.12.2014_1816_.backup
ProfilePath: C:\Users\Adam\AppData\Roaming\penguinpop-27e90b3d44db93d2ae695bec675bd9c6\Profiles\0n4uxh0n.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_13.12.2014_1816_.backup
ProfilePath: C:\Users\Adam\AppData\Roaming\TomTom\HOME\Profiles\80anx1fs.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_13.12.2014_1816_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\Users\Adam\.android deleted
C:\PROGRA~2\Mobogenie3 deleted
C:\PROGRA~2\Surgeon Simulator 2013 (Full Version) deleted
C:\PROGRA~2\Surgeon Simulator 2013 save 100 deleted
C:\PROGRA~2\sweetpacks bundle uninstaller_SweetPlayer_1348381 deleted
C:\Users\Adam\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Adam\AppData\Local\cache deleted
C:\Users\Adam\Downloads\ReimageRepair.exe deleted
C:\Users\Adam\Downloads\SoftonicDownloader_for_sumotori-dreams.exe deleted
C:\Users\Adam\AppData\LocalLow\boost_interprocess deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\sysWoW64\config\systemprofile\Documents\Mobogenie deleted
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\5hln6vgf.default-1393747057061\jetpack deleted
C:\Users\Adam\Desktop\Google Maps Downloader.lnk deleted
C:\Users\Adam\openscad.exe deleted
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\5hln6vgf.default-1393747057061\extensions\r2d2b2g@mozilla.org deleted
"C:\Users\Adam\AppData\Roaming\wld\7za.exe" deleted
"C:\Users\Adam\AppData\Roaming\wld" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Adam\AppData\Roaming\TomTom\HOME\Profiles\80anx1fs.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\5hln6vgf.default-1393747057061
06DBB13F22F34314D8FB57D1139EBB67 - C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
B60B2639CE10F1377E5B87C733D78DFB - C:\Users\Adam\AppData\Local\Autodesk\123DPlugins\Autodesk 123D Shapes321.0.129\npAutodesk123DShapes32.dll - Autodesk 123D Shapes
F2CD1D7524F8E15AAC55568B9F72DE5B - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll - Nexon Game Controller
6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller
FDB2F7681A36AD24E656A5FF19AEA013 - C:\Users\Adam\AppData\Roaming\Autodesk\Autodesk123D32\1.0.7\npAutodesk123D32.dll - Autodesk 123D
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Users\Adam\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
58F41CA8F9C2014709F9547B2B81A468 - C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 38.0.2125.104 (Possible outdated, latest Stable version: 39.0.2171.95)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx[20.09.2014 09:52]
Theme Creator - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc
Guitar Tuner - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi
Sumo Paint - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod
Creately - Online Diagramming - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\figjjaggcjcojopflaabmebmocabdglm
SOLE 64 - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\henmjlkeiiclnbeomllgmojdeedomape
Vector Paint - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo
Sketchpad - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp
ButtonBeats Guitar - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf
Sopogy Helios - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncoicgmgmchcilgcginajkgoclbgkch
Psykopaint - Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.reerd.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.reerd.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{847A7D5F-ADBA-42CF-B74C-EEC199B95B26} Google Url="http://www.google.com/search?q={searchT ... f8&oe=utf8"
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Adam\AppData\Local\Mozilla\Firefox\Profiles\5hln6vgf.default-1393747057061\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2140 folders=310 408982681 bytes)
==== Empty Temp Folders ======================
C:\Users\Adam\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MSSQL$SQLEXPRESS\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Adam\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 13.12.2014 at 18:36:53,33 ======================