VIRY.CZ

Prosím o kontrolu logu

Logfile of random's system information tool 1.10 (written by random/random)
Run by Filip at 2015-01-09 19:52:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 4 GB (7%) free of 60 GB
Total RAM: 4026 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:49, on 9.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.exe
C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Filip\AppData\Roaming\Browser Extensions\CouponsHelper.exe
C:\Users\Filip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe
C:\Users\Filip\AppData\Roaming\Search Protection\SP.exe
C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Yawtix\bin\Yawtix.expext.exe
C:\Users\Filip\AppData\Local\Temp\~nsu.tmp\Au_.exe
D:\Download\RSIT.exe
C:\Program Files (x86)\trend micro\Filip.exe
C:\Users\Filip\AppData\Local\Temp\~nsu.tmp\Bu_.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... m?affID=na
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Filip\AppData\Roaming\Browser Extensions\Coupons.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [SpeedItupFree] "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Browser Extensions] "C:\Users\Filip\AppData\Roaming\Browser Extensions\CouponsHelper.exe"
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Filip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe
O4 - HKCU\..\Run: [Search Protection] "C:\Users\Filip\AppData\Roaming\Search Protection\SP.EXE" /autostart
O4 - HKCU\..\Run: [S60 PC Suite Tray] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MaintainerSvc5.70.609258 - Unknown owner - C:\ProgramData\dfed7653-07f4-44f2-abaa-a70c946c17c3\maintainer.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Yawtix - Unknown owner - C:\Program Files (x86)\Yawtix\updateYawtix.exe
O23 - Service: Util Yawtix - Unknown owner - C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11467 bytes

======Scheduled tasks folder======

C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-1.job - C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe /XbItjrAs /jwRJw=task /nDFKEHvF='Object Browser' /ZXacAtCfK=32850 /uTauHmn='000037' /HNjTQtEr='0' /UHxssHkt='0' /BnDQkZo=51062B776DF44FE7BEA938E76308CC49IE /wyAOrlqa=e1c72331b84dfca9879c3f199edc72fc /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399396324 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /IsMeKTU=http://js.clientdemostack.com /mJxJJLh=ff /imrGDm /FfuPo='http://update.clientdemostack.com/ie_co ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-3.job - C:\Program Files (x86)\Object Browser\6b144b32-e986-48bc-9bb6-1646fce85034-3.exe /bindBsrEt=ZhQicFqQIY7dHOVb4ydqgjnwD29L7owvUVWNCT4TXiXGbnzISEf4iNZt+hU5Zy6BzutQ6OAuR7+uHmGrucX/CG2NjaTe+rXhN3lMmcv/TEzZFYqme+e6Z4GlA1/aGBRDYjGHRBXUT2A354hBN0s9QTVmQWtI4DYDkwOXx/NTjd27zhxPT/9dkbXzDr+sI/ZaSVAKW6Ef/YwCNYgzQepze2/+PIflf02vcgFZQdMfEA9bN3v5+LjZHvbolMaaK6iyATG7NIHqSuESMIVz2mYGkfWHQ391puEBBuyQG3VpNiI06aw3FG6Nk4zDkMcXoHnzFPDMCZISxC0BxMaElevpentGsVHO38vJkwYdNr7U4RLfP0u6gMlt3Vi10+XwOqJKmGQCKbPRcXrimYVCKk2e13ypfnWogfKYNLqTe4SUm874r68RJg/MdYsJVEc98JJ37HV0c+k9VKFU7Q8vXi9wCazp9eC67VqkMJ9Flq2AIGSqJpsM2c7qkuO/8TP1YKUnu+VauxSrjmatMHC1TwUKarvMakEp+wQH8R7nBdKvMEObeYGVnI+dDGT5pLW4R0izvc4vp6IvL4fGRr+j7paxNuSVbGGzojj3ZuRMfvowyFWoPw70aLwVFXTrwH7VPrtxKRWLLgfLbUmlUx/ohWrGBi1Feu+tiJDs5UHhzGfPvFQhaHuMyjqi6pt94TwlAq205J5QrwlaQ5AcAMspFw2pu5A3tUNtBeY5Ln3WRazVa4Uh1bq8Z33Ptfmas4F/PTG50wJ0YodWnUnyoRxf+bl2VJNRsh0eMSownO/jc9qLrmtBqDKGsxQehyXUKFN4147MitNA/A/8aGHqPGoInEvEzrdwEIP+47nU+zYVI2HMQmJs++BV/HAxH5ssOcpdNljCnB97Ct9GssBDEA5SqRjgHWlXd+iSjQNfce+YlDCnJ/amGZkZNESFmNqqE5tK/WIckP2SVNyB8ofSiJejOQ/aCWz5zLmtkO+36C9YCrw7IH9eCWjWCE24/ZqgRRv+nkLkLDyofSDOPygC8vNC0j22PVaMfOvu3BmsqjRwKcMXBji9JppV+gz96PFz2patq7DvKouzHbDSGtZjqnSZdAXBZ+OzAGCmk+JkF48QzkCcotZ15UzbEc1/7/3BpPC4j3FtVqOB6byCuJxFf2xzZ1Opuw0MEgu30YV9b91LswDu+3MnhSLCaYADM84v09uSbWqDUqaIIUp9yaC7gNoymRFEl1+tfUxQfmKSq/UMG2wRa9zt2oehG9ClDIqfazFka52aP5PJ1wDhS3UUfWQSbw8ZfPhRYhGJ7epC5QJABzMhf4ptU8nCgTs9nPaWLOzjS3zK5zdOYD6DaJ1vxMFXlKW/4A==
C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-4.job - C:\Program Files (x86)\Object Browser\6b144b32-e986-48bc-9bb6-1646fce85034-4.exe /tHElyyqlh /nDFKEHvF='Object Browser' /dRXMBsvX='C:\Program Files (x86)\Object Browser\32850.xpi' /ZXacAtCfK=32850 /uTauHmn='000037' /HNjTQtEr='0' /UHxssHkt='0' /BnDQkZo=51062B776DF44FE7BEA938E76308CC49IE /wyAOrlqa=e1c72331b84dfca9879c3f199edc72fc /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399396324 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /BlPZbawtG=300 /VkWzPLiu=9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com /RITMpzHCc=0.94 /EanFJu=a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 /otcnIO=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /32850.rdf /CENtcehQ='Object Browser' /HRgNUxz='Browser enhancer' /KNDKPQiZl='Object Browser' /mJxJJLh=ff /imrGDm /ClHIrTxJ /LDIPo /FfuPo='http://update.clientdemostack.com/ff_ag ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-5.job - C:\Program Files (x86)\Object Browser\6b144b32-e986-48bc-9bb6-1646fce85034-5.exe /rawdata=qRg2kSNifPEagJjx67jGXtuwSbGRp2p7o93u3Df4OYbmMwFTMYl/iF3RMVa+6+a/xskvFXVmFayyRL0zoMOZQijl74NOEXrvB8quE4MVAq3m3wU2l1Yak8jvjsgpi5dRwUZj1RbDN0Y0cRZ3RkUV/76LiDLk0dGJGLHOlrT0lydL8vatnbEDAc1wt83XOPRtKymrlGSY9CSNWVNSDuRh5lwI/ef0gmtEC0UNoHuMlfbaWckiWZabvA+R4DwcRb/79HcSNRPnWNu/q3lV2m2SIjkzKUk9DS5zp/7CK6UT+nhp6Cc01An6AIeA1G4VaTjog9DJ9vR9EHN+jrFVFRR4Q3LAmerJiPe4rIcVjyv5pbX2fHjeDsPH7MtK63cA2QNyEHkIMNvJ1Hx6vUuJ1OUfQLUwNHdW7sRHQP1iAXxZElK9OD4Jfp6hohgM7BmUP0nqZ81L2UmgFtZQGP986hY/jgGuMVUcmHZHY/uH/BHlee1YtYD55p9tyTHMkLLubq8ynzvegOej5XD0SBCDmXi/rE/zuICx+PJWljZnJdxxluAuXErsE56KFm0S+qwQLphgb6mJv/cxy5TX/dSsDW6OF0lL7OHACuepS7mSMSB80XJr2gxX0gmWnEFp0lsz1Bouc2ecIItjy4Ly7uDiLvZ5/sb3YPIEQlJSJfEoCgmcylhZKEG8z6dVR1qulJz0QW0WbJlkaG7kcE03kvLN/xp0/YoYxOTbhHt9GPHQs7UX2MqUYx/DSJL9MpP/OagXtIvfx/kQeZO6ygO7+iDqcIuYH40diFi9jKrQApzt8D6c5ZX1I6k5ywKIAAowlgepEgcw+XjHUv8P0hk/2UtfSL00PQ==
C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-6.job - C:\Program Files (x86)\Object Browser\Object Browser-nova.exe /rawdata=IPJwSQCR9J0jumI2JPfMlPek+AQ5YimSHYEyvZ1bkzh2Zyqr6CYt8LFRTR8UVpbMlCEKj+VaR2XPzhFIB48qad3x9JGRluaySFbot2W2hrPqQraQM1fw6ZglyHzVJSrI7Zjcen2POmi4vtF9mx1bv1hn4ucTVAIDhJrIlWxMU1JLmoo3yjlRwZzMeI3bZM3pY/yWnFR7LZbB7bB4Zw8VZGmQumu2eZEr88KWAzyJItJtWZsfZhSKiOqsw2rEadysawy+RN14LsUj+tLPf0JHkWNsJ68uJYPnnSDoaT0XNb0MgJm1JouElsWHKf+mKy8sjZjzIFVD5ey7n9NFRiJwII5Zbu5u9LosnMOyiIVS9wqVPT40VbwI7e3ldpKsFygY1POpXiNRc1WUL0e6+rB/SxpCoa74VrwPFqhgXiIJ0MCPROczki19UBpqVytGeyviK+3/ebaEqlUjvOK2/lj9MslSPwGrMdfYkpu2ODwQmu/h/LteloXUxrQowV0RwnA+sZ3IvYHZJg8grK50vPGj78m6it/ugmXCFZuqOQr/bTOYhgB1nbFIrmqDzgRWsbk5AzAW5wiElJiTib+i5Vnage3e5npIRNbb4SjOCyJqAGCeOVe9COmVto7mLPKNlycpVfiA4r4mtMLf9eGL722YfNTcTDTMwb1+uGwdouDjNGQvwlZyNdF4rAC2VYJn/po4/XzCOKNBbJPU4MG4UhQ5IKaLzcVwENkzmu09yjnPBIdUud9jusqZxQWXTZgvZ63FNi2GHgBF6Uyv6xgT6LIkpoejhKzK0REniNGYKuCMxEyvy7J0c4Ds1c6+UYqYw8YBp9zD7df1p2w6Q8Kzq/OKVYZn9h0PBkP9Qz7bKmIM0rYYJmlBoCKw1MtcC/+E5G8rpEmb6uxrPVXSS3E7ubkLXL4xMgBB89Cf+qFyOXmH2aAmFZJhPJEAcY4XfUC6kvhp2FN9agz5jrH85ksBu2snRkDoxp47I48rNb8H6QYzbd6hM5OAtDlc9sDNhAgNhAaKAEFhmcT87SXdM8s9p4vEyp8plbO7netpaScqCYTG+YsWYZY7l+fYgm+6oRinDY13XObJmu8D3SJ3s8fGOVsBX1J1uZ2t78QsEIIgVdPqX8EYWbcSE9at5fCOMQr6NjEmbdEfAR2D7Ijqb8qNKE06NV8t2obhgOTDCWHBp7jSQvs=
C:\Windows\tasks\6b144b32-e986-48bc-9bb6-1646fce85034-7.job - C:\Program Files (x86)\Object Browser\Object Browser-nova.exe /nDFKEHvF='Object Browser' /ZXacAtCfK==32850 /uTauHmn='000037' /HNjTQtEr='0' /UHxssHkt='0' /BnDQkZo=51062B776DF44FE7BEA938E76308CC49IE /wyAOrlqa=e1c72331b84dfca9879c3f199edc72fc /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399396324 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /IsMeKTU=http://js.clientdemostack.com /mJxJJLh=ff /QxtbgyeC /VrXBqTsrk='nova' /FfuPo='http://update.clientdemostack.com/novar ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-1.job - C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe /XbItjrAs /jwRJw=task /nDFKEHvF='iWebar' /ZXacAtCfK=35510 /uTauHmn='000170' /HNjTQtEr='0' /UHxssHkt='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrY0FnMCwwMjc0ZWUzYS04MDUyLTRkOTItOGM5OC00Y2VmOGU0MDMzMjUsIiwidW5xIjoiMDI3NGVlM2EtODA1Mi00ZDkyLThjOTgtNGNlZjhlNDAzMzI1In19' /BnDQkZo=C1045640C2C749798BE0CAFBC6B41F9CIE /wyAOrlqa=2f20009adbb1636f10495bccf2de24f9 /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399204595 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /IsMeKTU=http://js.clientdemostack.com /mJxJJLh=ff /imrGDm /FfuPo='http://update.clientdemostack.com/ie_co ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-3.job - C:\Program Files (x86)\iWebar\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-3.exe /bindBsrEt=DKZ9y+6zOKNgUxRZxgDTfvM4Bq086O+GCx6kdijYgpgU8DmJwjfuctsasbtYbWFvNNl+a71WX7qXqmr04CC5Mj9qw4pzxHuXUNKBm0vBVjXgRqEpFASI/PiZOMkW9ZWBcsbl3XTzH+RBGq1cUdr1hAq12YAkCJ7lhBTBjw/AMhtGy/ImeG5h2yTdvjZ9Xy2Hrlgs9sKm/eNf0ndYbDiWhDJISG+nHTt6Tf2H3MFKiW9LukRkl3LSBMrjAc3nw98YKH/nAYEgk+rLC1W8+wsGRS4df/QlZP1aB6raK/RqR3zoNzfV44zNy8Cnb5RJZA9fkSO/01IPLnE2NjJSGE5y/HyKDwoDbdti+pRR3epmwpkREWtHtYJS012FKPXZMTaEPsaFeFBUjEI0kGP8jG+fyuvI+ov5aB7gXygieADQJVx9ZzoOYgM5DSrC6hDe2vxIZkxEAGLbLWiiQme+EUcLRnubMWmy23S58mpnlpdTur21usPEZALLZ0pJQC65UdknZ+pnxpFBMrYUnGT8u5d9JZRh/99TrTWtk8fTB8YoCzu6MNHUrkbIV4YUPLrS8fk52w+CvoxteT5oMzdLqawBviWZKcTUCQTkDtWL3ipjtnejwoQILIbKc2lFRhTr3fJ0Db5hFetAFOPt40JyIsSASI8Yv0sTFPP5yW8h0VPVDaReQr4FeAZL3O5VbXJ7LSC6qMr4xCnLsB9lgEJBf3HEtNOGaDmmH2VmV+Pd/zZHthaHAOx4R0wWIVixK8KNIGNqM40U4hBq9qpxeyx9Gx0r8FjXfPxGqfmpQdZfKkrXQ29FlL+XI28ehCAhZYUnKz6l8O7UnnRHrEWl1DLJjmgfpCu77u10N2XM+4P8ZLKff5wP0GO8bNYQsENhbzDETchjVu1VLeil+G3TvxFJT6MGz0i2DZgYNaUto1dN4BP/31sYBf88LijiWOEMTnHgaO+DDsY5Hweii7Al2tRuA4LLb5AivL9fkXskeBiVSTk0OvEs+bLNVib0HmGIZUpe+eekUqKyxwnrwE1TTbMHxHTIbr4oFxOeoWLXN+0vsLsygx5Pnjt9URZf5Iqs6OjbhLkT3hzCbvC0ehmDO91FsygUGq5MO1gsy46ExSqPHK+Dcn6cJtWYFyPH24QSacnHD/QyiQNxmseI1yCVc+IGd7hPTgpIze/yczGo9MrkBKoUgdJ026OsmXCaIfbOjjdBonUIXHtYfBb41T2m7j2evpY9wHkIOQTjXlUCjWqbn8rF1AAcCm31tuGk9hd1MBZMGrlDPffD2lQyyC3hiynQi50APiTw5DXAyZ6m5uJBDpdwLREWFGF1Guw6fKVOkiFRgApcJDrEtwMLhakiE70Pcc4meGxDGYyG40CA6tUFEL8ZUeNq/xH5Sv6HTXFm09tnFoZK/q/gCoSYubb0M/pHpU3WlnoNxPcQkoGxdnxRJL8sH4AsjymsPBFvVtprU5pu1V3sVFQvAsmDc5g0R9rinGgSBVva22Bo8VbnzAO3icb/GTW6gTpg+TLQki7ECMl4jtCY
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-4.job - C:\Program Files (x86)\iWebar\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-4.exe /tHElyyqlh /nDFKEHvF='iWebar' /dRXMBsvX='C:\Program Files (x86)\iWebar\35510.xpi' /ZXacAtCfK=35510 /uTauHmn='000170' /HNjTQtEr='0' /UHxssHkt='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrY0FnMCwwMjc0ZWUzYS04MDUyLTRkOTItOGM5OC00Y2VmOGU0MDMzMjUsIiwidW5xIjoiMDI3NGVlM2EtODA1Mi00ZDkyLThjOTgtNGNlZjhlNDAzMzI1In19' /BnDQkZo=C1045640C2C749798BE0CAFBC6B41F9CIE /wyAOrlqa=2f20009adbb1636f10495bccf2de24f9 /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399204595 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /BlPZbawtG=300 /VkWzPLiu=2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com /RITMpzHCc=0.94 /EanFJu=a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 /otcnIO=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /35510.rdf /CENtcehQ='iWebar' /HRgNUxz='iWebar' /KNDKPQiZl='iWebar' /mJxJJLh=ff /imrGDm /ClHIrTxJ /LDIPo /FfuPo='http://update.clientdemostack.com/ff_ag ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-5.job - C:\Program Files (x86)\iWebar\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-5.exe /rawdata=P/OLZp6sshWY1FK1q9zTnWb3jE+mXhsTd+ds3O8Od+UUWw81plus6TPdYqJOr2pafs95hwoO46yGM66hDvIlJlg3cdnWIG1dAWLWipJk/AuOA24D4/HjNJ5ksxc6yr0EAuFM2OuGP+5T0ys/OhyZOLD+CzOPrrdC4K7B3GDucCxoJh39I0e/7pSMJYMiar2CrhVvGIqg5Qu5RcAW6F4X7OXu0fFIF/F32IF3l/MNxNl1xKYOuS9WA6oC60LhxvzPoRWSwRM6B0LXYq5KY8sqxm0cQweEibzoSIXoRgzJRTsNMEOXa9H7xCl+lN5VJLAYaJBrdTgTEn5i1YrdUtsUNUZRl+G9VHg+FVDNG4728i5RxK0UHUtS5ItrbWiA9sxVto1udByTd+LpB86SNdG90FaJPmGN5Fw3ZkjiyAtdh3CMA5pYvwlDFOs8n3KOXf3LKb0AJToc9x0Tpeno+LmnBTYJ0jwfm/VRFCG2eCK0JMmRlZwj304xefFxK+PlBUcfxhKk0BFPrKZv81NWExYIIqFwshhkmhMT43PeM/wZEBM0AMcg5xNW91CfgkCGj7SAZ+kGs5gqzycRwb6GxOqIVPKDGejNYkNk0ICakYkrBMZ4XSIwFDJZuiX7gbGMwhzy6LMlAvIgTtQOUhKJXXa+nEnRv9hA0YLnIb7N85qfWi+bim04rjeyO9EJ71DWx+gD/0zVQ/ncmMxzW9oU21lko74M57hwfYDC1mq3jEmDL+jhJWMtpyH8JTkgrQfQJNkvkrx1u+qa46A6i4ZqcRqe9hKgnKbaGIAkpJfp/NGMT8CtPb1QPQCJDljJIEvtA9NjpxEeR2q2AYhY416e6BDrEQ+hyAdi0zwbsL2qp/vTYzYAvU71pcQd85DAjiknsPw9jeV5vTU2ZvUlYDWp+LWQHhhD+T7AaA+lkB4yMFQgWZdoZG2bhNDq0rIR6Z3gdrnRq26lNnhegz9/O7nZO95XEQ30AFf9ffRQuLx2Hg9Mllpy8bCeDIer0HQ4PfBLrnoo
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-6.job - C:\Program Files (x86)\iWebar\iWebar-nova.exe /rawdata=uWgVnek3JDNrHJ46Pm0Hcxv+6/3omjGj4Q6JU+by6OkXyNOcgo95XxzcWJIK8euiv48xUsYTREjdfvw1JYsK6wzukziayW26C3oDdl8WjajPpt6JEIfalMPEozQQvAS3QrLCb1pEfIOkyprLp/N2Ni2N1tX66CDtPdZSgKV4L+Kg/OzWin7/+hyq+j91WX0dAvE1iSGRtappxX+uk2CfXz5+v4c4/STas9fK316KGWAKO9oSAq9L40EYtKY7dnFa8aqatTchpsCx4nxc38+taEm+8rVM99AGM6/rHKpM/9hNfGtyLHyVEYC7uUETUTYpaQe90Tb+4/raKZ+9zFHLihC4Vnx7ClNz7eaWF2kyNGBqA/i4e/v1FLeSLIYRqwWfmUFzBQFEDXn9XUOZdF0cFSHpg8iqHMlvHf28L94eWTmz08ZagyiGp2PApMny5P6Q1f8XArimDI0skGDDS8QxCUUfkZmOHJKg9h8+vbEv5JFBSEqESddE6W6VZGLZ8ls4kqgMt5zTmyYrJyDxmovGIZjmFUFcSYrNpnCNRr4Tl/Omjtjly3ZHKKrRv1tHfp4zmrE+fbnaU04DJoEbVtWU+X02isSHOErVCNUUNClTrsofF5UHMV6OnRw5xOdL1O9+P++aXZUxEOpoZGcwIMa3PhDdwax8Is3Jayx3NoGtXZCZUITNV3GWoQvfvB2axY2RlASHwdSeP/Efq4nitmgkrHIg6JYLtzaddDbKUJ+GQznCrmSVU6d4Eo2eiv0ChtY/f+sPLWKQx6JZgkCcnfFaOzpN56LmiIATlp6KKBlgQ8Om4Bkfjr0Bpvt8qSfZbHidfPawpzwYAZyt6wdJXnk70WqQjjLOBSopaFHTBUi2u9oTP2qlOXQUgYLP5tDUNiqjkiMxoVMGA8LM9LDZHZrOptSP/lRGLH/MCYrNUciY13O/3gnCAwMmsamWUhCx7VoTlKW13/pYrAEobVLMMtaxosm2YSkxQPA4GPFleWDn+L2BLGLs9RakVl07aFzZY/39l/NvOf66or8HQ6MUT+W5N/2lofupftei8b8MagonNslcPl7RBvMhPqoHBqpymlf5vPeTf1NpjW7mLY0mt+cwIGD35eXMGSmz6IL3kONzNWHVJg/Hhjk+NBSY7PLqsJezWMKsjOWtGQxCvzZpSphxYIzuVSz1bZmlinwkaOAq+FE=
C:\Windows\tasks\6ec23ea0-6ec8-40dc-b686-74a437d9d25f-7.job - C:\Program Files (x86)\iWebar\iWebar-nova.exe /nDFKEHvF='iWebar' /ZXacAtCfK==35510 /uTauHmn='000170' /HNjTQtEr='0' /UHxssHkt='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrY0FnMCwwMjc0ZWUzYS04MDUyLTRkOTItOGM5OC00Y2VmOGU0MDMzMjUsIiwidW5xIjoiMDI3NGVlM2EtODA1Mi00ZDkyLThjOTgtNGNlZjhlNDAzMzI1In19' /BnDQkZo=C1045640C2C749798BE0CAFBC6B41F9CIE /wyAOrlqa=2f20009adbb1636f10495bccf2de24f9 /bGMKndn=1_34_04_10 /lyzLXka=1.34.4.10 /VAcPC=1399204595 /KCjIuLgj=http://stats.clientdemostack.com /GOEwt=http://errors.clientdemostack.com /IsMeKTU=http://js.clientdemostack.com /mJxJJLh=ff /QxtbgyeC /VrXBqTsrk='nova' /FfuPo='http://update.clientdemostack.com/novar ... pdate.json' /jwRJw='task' /rfptHS=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-1.job - C:\Program Files (x86)\Sense\Sense-codedownloader.exe /Rocje /ldwqMeEj=task /BNSOW='Sense' /HZbtpM=48292 /mUUnDGbr='000803' /wtLUN='0' /cDyCH='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrYyxhZjNhNzI5NC05MGViLTQyZjctOTVkYy0zYTBjZDk3OGUzM2MsIiwidW5xIjoiYWYzYTcyOTQtOTBlYi00MmY3LTk1ZGMtM2EwY2Q5NzhlMzNjIn19' /tiPGm=D43439F0E9A341B3B835042FFA07A138IE /ukjYoYsHH=dd10615d7450941667a9a60633b5f8f4 /tOvdulK=1_34_04_10 /RppKetCFK=1.34.4.10 /hsZosTq=1399218750 /czSXVWUv=http://stats.clientdemostack.com /GgxZoSR=http://errors.clientdemostack.com /giKxZUQ=http://js.clientdemostack.com /KnGsmi=ff /YylzXDJkE /comtgSxKp='http://update.clientdemostack.com/ie_co ... pdate.json' /ldwqMeEj='task' /SQYYGPDAa=''
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-2.job - C:\Program Files (x86)\Sense\f3c825f8-dc21-4793-9f24-12a483c004ae-2.exe /KwLSfiV /BNSOW='Sense' /HZbtpM=48292 /mUUnDGbr='000803' /wtLUN='0' /cDyCH='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrYyxhZjNhNzI5NC05MGViLTQyZjctOTVkYy0zYTBjZDk3OGUzM2MsIiwidW5xIjoiYWYzYTcyOTQtOTBlYi00MmY3LTk1ZGMtM2EwY2Q5NzhlMzNjIn19' /tiPGm=D43439F0E9A341B3B835042FFA07A138IE /ukjYoYsHH=dd10615d7450941667a9a60633b5f8f4 /tOvdulK=1_34_04_10 /hsZosTq=1399218750 /czSXVWUv=http://stats.clientdemostack.com /GgxZoSR=http://errors.clientdemostack.com /DiNzW=11111111-1111-1111-1111-110411821192 /KnGsmi=ff /YylzXDJkE /comtgSxKp='http://update.clientdemostack.com/ie_en ... pdate.json' /ldwqMeEj='task' /SQYYGPDAa=''
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-3.job - C:\Program Files (x86)\Sense\f3c825f8-dc21-4793-9f24-12a483c004ae-3.exe /sLqHCnF=cxrKCwON28zJdK/JhohZ5jJbQurBWDmtXnsj6GsgM4zVPUasbU4Ez00fK9IqT9ko88ugPGQPSyFX3h3+oyKS7nyKm2jDVjGUtxNKsYN9EAUOZa+7myfsTUKyX+otkrbRzeaP7/s0u/poRn5ct0iDAfYlF0PuAN6KZxvBtCntddoyZbEnS4hXGLGYHDxvsV8c0mDiL1Kil7png8y4yAB0tz/g7o2j5C88hHZAcsIrfavEGjQBG8mbvnbWGDF76vaZ5US2IYIy9ri2y/yYwCCWmyp8lKFhE7khWel8eSTVzCpVfKas+tfTuZE0bHc8xY4NKpm7ut+LOwFlbpRnObOSfTVFjRve1zoN+PYr24bFjU1fxMWw95D6AtJiBS2vKn76ZZzcLH5KbBWqzBz1HfftE2IUtQ/dEgJLf6FcMCYmcOpAzdRUqo4EMhUw044dcv1j4LCOsK6dDr1oXjvTWvbGx7vykZEHM1qRONeNJSeNG7HZsw6daHHejEBygMRjvH+GB0my/GwFYxSVl7icmGc9S/Sxv0j3/B4bocmKULu6MPkXTBQcUdksSjkGJY29URNNusf1K8cZLY0P3G7tCjvvwI06NsnUpLSWP/X1DCpu0UzTIrR6H4nyaZ3hZMn6dbo6IS6g6zBCQ4TV6xv5j2465AZqdMKHZy53Jad5gC1hAOMfj/DQJcrmoUvvFUXCcLjelZRFCaAmFfxgsJsc4raj8nYpruvZQUzeLjQkPkf5xX19v+sA5Ogve++Z/e1a4HLGsfEnrL2uf7XH0BLOCETwmKySDzLRpZA1SPPXRpTAZ3zYh2isrWCEjl8bjWyKSAcYGv+z5puvPGkezUJi7eIev4cf6kAGXMBGmxyCn+gtlf27zr/XAlSPdSNxJuZ550zjfFHF1ydX76W/XOgcWi6vlm+vINvzw7zJc/TrQx6nYifOhWx2CHMdd7aaUV8NDycOB9Bg7YzUbY3IrZzAHfMSXg+EdGXkHzFnx0TBlCqlcQ2PlL97smrmmKVTePZ4dUodMnhqoHpq1bMjgR0ttueAa9NCK1m2RGz6Dq8ck6a2xn9lZK4AVWSl6HGe2ecGiqez8MH6fml3l9Y/LCCGLEjtD/sgDnirrS3hXQNtYAxf1NXy522l3XUFz2RMh7hmc7/ibHcFLszYQOMPkTa6QtFRtzjgvvP880oQmhWQ9CyN9ZuwblTqG6i76tgq80DIO9QPZvA/Dj30UXX1Nx9xPnrNomJqVVq5HNI/hqpTIcK547tv7bFwhKIhslhJkIrDhYTCifXKVhoJY4PmyDWkKG0MziGt+6F6WoFPU0IGB0OUzRmXdfhcY5iT3CuAidfQLV+X4IjrRctfZZ2zDLxcrE6STx5eU76o3izDHDlPxa9QJWXF3oEEr/CVOOPMpQWLzmJph3UHXhxQoC9N7HzY+GKlFm3XxFFQ7Z/40MTJdv2A+Cn3RI7ux3Jeg1KonDRkZB3vUnCZJRCLej9Iwgj7klZgamSkvT90/jykh1Ac+iaR+ptIuZvT1xQ6mrKf1sCmXSoR
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-4.job - C:\Program Files (x86)\Sense\f3c825f8-dc21-4793-9f24-12a483c004ae-4.exe /BhEQVzt /BNSOW='Sense' /Fsqwaryji='C:\Program Files (x86)\Sense\48292.xpi' /HZbtpM=48292 /mUUnDGbr='000803' /wtLUN='0' /cDyCH='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrYyxhZjNhNzI5NC05MGViLTQyZjctOTVkYy0zYTBjZDk3OGUzM2MsIiwidW5xIjoiYWYzYTcyOTQtOTBlYi00MmY3LTk1ZGMtM2EwY2Q5NzhlMzNjIn19' /tiPGm=D43439F0E9A341B3B835042FFA07A138IE /ukjYoYsHH=dd10615d7450941667a9a60633b5f8f4 /tOvdulK=1_34_04_10 /RppKetCFK=1.34.4.10 /hsZosTq=1399218750 /czSXVWUv=http://stats.clientdemostack.com /GgxZoSR=http://errors.clientdemostack.com /cWsUxgAdy=300 /iAKXh=143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com /XKRpiT=0.94 /LAuXjYKUK=a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 /yZRbmwvPB=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /48292.rdf /ZkXTo='Sense' /bJmfDhS='.' /cuvEJFfx='Object Browser' /KnGsmi=ff /YylzXDJkE /PGivmcuzh /zsilm /comtgSxKp='http://update.clientdemostack.com/ff_ag ... pdate.json' /ldwqMeEj='task' /SQYYGPDAa=''
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-5.job - C:\Program Files (x86)\Sense\f3c825f8-dc21-4793-9f24-12a483c004ae-5.exe /rawdata=Uq1i5XISAqEgEotbC74hOeC/iDwm/4pHNlfyH18j3I0kz8af2t7h77z8gu7XITVD/g7FqpbyLGSByVSax/c3rtC86lxKel+S9bo07XPWpsvkCU5dkjxKImaP08muPOVDbM3U629do50oc02cSpU2q6Xva11wx1KKk00t/yvAL42yI5SI6GA8HwCSIfMyAXNEVlVWClZNKy3d/9ggx/OkNZYHj3Y4HH7/wMUKkUpsAXhYnChD6YCXXMaOAGagvnxYGQhtzrjJIQlK5knuDs+Tjyvga4wpoI7aYrau9ivc5hTaytWKueyJW7cu9P/5s1FoQi6MAWYyX5KEfb7BbDXZqWF+9uvw94b30c0AN2OHuMxWbfu7beytqOhdty6mzYmYiMerQP1J4A/YbhhO7rCHj6hfAOODN2gjNyUrlAiSVCg9dhR83IKW4/LLXF2spJbavadZuur7MLeL75+YjeO5u2rjAEnJTy98A/eiYJTHK9EBfb8B27YZMmwC8/NmqjvhJN/JLWGCQSVbiJ2I8mUIeV4J+FqapNbRY7ZfilLF2pDOUY2uWfqZ6/u3QvxiRrTSzRBIdVAuL0epIEk+K+YazMVfj1wBYPX07uRtC4odmvyePzQUNq0Tqmc5gKpbQBiEYiuXUEfxrnMcBx4NimLiVBOtx5w1RwTaJWA+oFKNYXIeUD+kQhUjQQXHY+dojwozF/IRmMu+HGD0ry/yjwjRpg+aCj8U977lg4T9yKepQqFQK7PCUAW07Sn3BHdbP4N/3yfB6rA44JdwSrExiHpMGeEWXZNTqO3bD0iAQ1geLzQzWMLDnI36uFXF20GU8PB9vbG5b1zXtr6yloX97IK5RhcylBOvSUci6JjMac74GfymGFKD6Lxaul2wtJ7/eNXfE7FNneBcRnL6PI2sxFtSdKO+DG5+pBXNTvq47CZ1GujVHURFbum0z/f2sd17W2N5wwIUczyMdb84KP3BiysoRI5NC2R4g1B7yU/CWR+US8yZzCEWMXgEwFEkIm/2YaQ4
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-6.job - C:\Program Files (x86)\Sense\Sense-nova.exe /rawdata=HqlHwN04vaLFxdMxmlrMQmQPZdR2YzIA817vjRzlrdmk91kM7LdY+Sz8IjyohMZM1rukfgGDIy48S5yJ/J7Rk7NyGB3xp6dbxq9jkCihKceLLZvWQugMDASEP74IFZKA4XegK42GdE+jh/w2i6QhhOMv+MhDIZ3b8TpvuKPzK3Adgra1WmuFsQtqD9+gr3daojWnxxjtAXcvXGJ2/hkKBYivp5vclW0mrLbFmCgfLyUiibdKC2P/0ZadMngERO7ULLF/2VTo3lL+TrpU49GRCUmRpGE3xKHNK8igOqvX18/eNsf1HNb5ecu0qAy2NV/E3FH9XRsNh/DfF9pyTaRJVydhPEn+QUJDs0WYsfQoXSlHqj+LbfKdKJtVq1rV23IFt+wwmKpqmukhY2q6VwuVOQ2dIKKfsvSdtzab4E7noVm2g9+gmhsfUkGwfnj6i9hTrwmdF2eVLvsO0U6SsafMpNMpfdi1gwobUec8AAtli1SLvd44DS5G4ZUUVvchQR1ixHZAapZjJFNPf+vojJATY2bODZdFg3H2zNj49eFtSHK/20Tr+NsbptGnKbdk5Wic0fky8yVA/vZSYUT9gEWxxK9OJb3m6/77gpExEZpoAVGDjHq5/22WlnPN8Lt8I9zXMR9Oa4dUZyWztfhnpEM7xan8wkq7GpTKxMw3vaKa03GlqebQWmAV2mBSBSFIP3IKY/XS8kli0iS6nQegGldHAVY9J/aGnFG3UjhqvrumRK1xM3nbU9cHZBm42Q7OWdwkXhtj/Vt5jo6QEf9VmhgULALD2Vj/Ccpui+ZNn+5deg/nD8W00nWj9IsJAEJBt6P1bSJCCqXrpkGjwHDYPS59drF/D4lPxf6lRaDWhcXSbvxWcDC/0oqDJCXqQ3jO9gW3rrdHjavKK3VjHK690P/UUvVKOoLEYi9FnZZpMhvqYt+4L6uQhhETgciNboHb2sCu7SmXSaZsizlL8/E583kcfBMTJ6CHydSN/rHdra4arZbwFQN0ziK/WKTOGdffBTbBB4Po614daF/3yVi5Z+p80/Wgyoll7kZrzxVjllX9qrxApVTea84oFFrS+179dIGRf4ABi252vs9xVKBGlFsE6SOZG2PWTh4cC3JXKxJJ/DJjT/ZlzivNPlI91vqdy4JbmVS2Q0gb/1q8l1+a/NQMl0euYcDxutVlIoyp4eW8vDI=
C:\Windows\tasks\f3c825f8-dc21-4793-9f24-12a483c004ae-7.job - C:\Program Files (x86)\Sense\Sense-nova.exe /BNSOW='Sense' /HZbtpM==48292 /mUUnDGbr='000803' /wtLUN='0' /cDyCH='eyJkYXRhIjp7ImRhdGUiOiJFNTR6YWRrYyxhZjNhNzI5NC05MGViLTQyZjctOTVkYy0zYTBjZDk3OGUzM2MsIiwidW5xIjoiYWYzYTcyOTQtOTBlYi00MmY3LTk1ZGMtM2EwY2Q5NzhlMzNjIn19' /tiPGm=D43439F0E9A341B3B835042FFA07A138IE /ukjYoYsHH=dd10615d7450941667a9a60633b5f8f4 /tOvdulK=1_34_04_10 /RppKetCFK=1.34.4.10 /hsZosTq=1399218750 /czSXVWUv=http://stats.clientdemostack.com /GgxZoSR=http://errors.clientdemostack.com /giKxZUQ=http://js.clientdemostack.com /KnGsmi=ff /QJNTQTUj /GUjBoYkYU='nova' /comtgSxKp='http://update.clientdemostack.com/novar ... pdate.json' /ldwqMeEj='task' /SQYYGPDAa=''
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default

prefs.js - "browser.startup.homepage" - "http://rts.dsrlte.com?affID=na"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =238417&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\extensions\
143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
staged
zzoomit@zoom.com
{54FBE89E-C878-46bb-A064-AB327EE26EBC}
{62DD0A97-FDD4-421b-94A5-D1A9434450C7}
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
{CA8C84C6-3918-41b1-BE77-049B2BDD887C}
{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4}

C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\
dsrlte.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Filip\AppData\Roaming\Browser Extensions\Coupons.dll [2014-10-20 610152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-04-22 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"NPSStartup"= []
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.exe [2014-12-23 3224576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2012-01-02 102400]
"SpeedItupFree"=C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe []
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.exe [2014-12-23 3224576]
"Free Download Manager"=C:\Program Files (x86)\Free Download Manager\fdm.exe [2014-04-29 6980096]
"uTorrent"=C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-23 1385808]
"Browser Extensions"=C:\Users\Filip\AppData\Roaming\Browser Extensions\CouponsHelper.exe [2014-10-20 967528]
"Yahoo! Search"=C:\Users\Filip\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [2015-01-08 634576]
"Search Protection"=C:\Users\Filip\AppData\Roaming\Search Protection\SP.EXE [2015-01-05 1127736]
"S60 PC Suite Tray"=C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [2008-12-06 699392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe [2014-09-30 854704]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-09 19:52:49 ----D---- C:\Program Files (x86)\trend micro
2015-01-09 19:52:43 ----D---- C:\rsit
2015-01-09 19:36:56 ----D---- C:\ProgramData\ESET
2014-12-25 08:58:38 ----D---- C:\Users\Filip\AppData\Roaming\ASP
2014-12-25 08:41:37 ----D---- C:\Users\Filip\AppData\Roaming\WebTest
2014-12-17 23:05:23 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 10:46:08 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 10:45:58 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 10:45:58 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-12-12 10:45:58 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 10:45:57 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 10:45:56 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-12-12 10:45:56 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\ieui.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-12-12 10:45:55 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 10:45:52 ----A---- C:\Windows\SysWOW64\jscript9.dll

======List of files/folders modified in the last 1 month======

2015-01-09 19:56:38 ----D---- C:\Windows\Temp
2015-01-09 19:56:26 ----D---- C:\Users\Filip\AppData\Roaming\uTorrent
2015-01-09 19:56:05 ----D---- C:\Program Files (x86)\YTDownloader
2015-01-09 19:52:49 ----RD---- C:\Program Files (x86)
2015-01-09 19:49:04 ----A---- C:\Windows\win.ini
2015-01-09 19:45:27 ----D---- C:\Program Files (x86)\RCP
2015-01-09 19:45:26 ----D---- C:\Windows\Tasks
2015-01-09 19:44:59 ----D---- C:\Program Files (x86)\iWebar
2015-01-09 19:44:46 ----D---- C:\Program Files (x86)\Object Browser
2015-01-09 19:44:40 ----D---- C:\ProgramData\ShopperPro
2015-01-09 19:44:30 ----D---- C:\Program Files (x86)\Yawtix
2015-01-09 19:44:26 ----D---- C:\Program Files (x86)\Sense
2015-01-09 19:41:00 ----SHD---- C:\Windows\Installer
2015-01-09 19:39:32 ----D---- C:\Windows\inf
2015-01-09 19:36:56 ----RD---- C:\Program Files
2015-01-09 19:36:56 ----HD---- C:\ProgramData
2015-01-09 19:36:43 ----D---- C:\Windows\System32
2015-01-09 19:34:57 ----SHD---- C:\System Volume Information
2015-01-09 19:22:55 ----D---- C:\ProgramData\dfed7653-07f4-44f2-abaa-a70c946c17c3
2015-01-09 19:09:34 ----D---- C:\Windows\SpeedItup Free
2015-01-09 19:09:31 ----D---- C:\Program Files (x86)\SpeedItup Free
2015-01-09 19:05:24 ----D---- C:\Users\Filip\AppData\Roaming\Free Download Manager
2015-01-09 19:02:25 ----D---- C:\Downloads
2015-01-09 18:57:51 ----D---- C:\ProgramData\Systweak
2015-01-09 18:53:32 ----D---- C:\Windows\Prefetch
2015-01-09 18:53:07 ----D---- C:\Program Files (x86)\MyPC Backup
2015-01-08 19:36:28 ----D---- C:\Windows\SysWOW64
2015-01-08 19:36:26 ----D---- C:\Windows\Software Display
2015-01-08 19:36:26 ----D---- C:\Program Files (x86)\Software Display
2015-01-08 19:02:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-25 08:41:35 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-25 08:40:24 ----D---- C:\Users\Filip\AppData\Roaming\systweak
2014-12-24 13:04:48 ----D---- C:\Program Files (x86)\ShopperPro
2014-12-24 12:58:01 ----D---- C:\Users\Filip\AppData\Roaming\Search Protection
2014-12-18 03:00:44 ----D---- C:\Windows\winsxs
2014-12-13 04:02:47 ----D---- C:\Windows\rescache
2014-12-13 03:24:13 ----D---- C:\Windows\SysWOW64\en-US
2014-12-13 03:24:13 ----D---- C:\Windows\SysWOW64\cs-CZ
2014-12-13 03:24:12 ----D---- C:\Windows\PolicyDefinitions
2014-12-13 03:24:12 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-13 03:08:54 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64;{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64; C:\Windows\system32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys []
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}w64;{16d667ee-6782-4b21-81df-8ded8ebc3868}w64; C:\Windows\system32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}w64.sys []
R1 {dc8e5bae-111b-483b-81ef-852b5b72d3ef}w64;{dc8e5bae-111b-483b-81ef-852b5b72d3ef}w64; C:\Windows\system32\drivers\{dc8e5bae-111b-483b-81ef-852b5b72d3ef}w64.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [2013-12-20 58728]
R2 SPDRIVER_1.38.0.1437;SPDRIVER_1.38.0.1437; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.sys [2014-12-23 52584]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2014-12-23 41856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2012-01-02 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-11-25 53320]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-09-30 1343920]
R2 MaintainerSvc5.70.609258;MaintainerSvc5.70.609258; C:\ProgramData\dfed7653-07f4-44f2-abaa-a70c946c17c3\maintainer.exe [2015-01-09 123672]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2014-12-23 2346880]
R2 Update Yawtix;Update Yawtix; C:\Program Files (x86)\Yawtix\updateYawtix.exe [2015-01-09 529176]
R2 Util Yawtix;Util Yawtix; C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe [2015-01-09 529176]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-30 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Log AdwClenar v pohodě, přikládám. Log z Zoek stále pracuje... jak dlouho by to jet?

# AdwCleaner v4.107 - Report created 09/01/2015 at 21:02:14
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Filip - FILIP-PC
# Running from : D:\Download\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack
Service Deleted : sbmntr
[#] Service Deleted : SPBIUpd
[#] Service Deleted : SPBIUpdd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\iWebar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Object Browser
Folder Deleted : C:\Program Files (x86)\Sense
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\SpeedItup Free
Folder Deleted : C:\Program Files (x86)\Yawtix
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Users\Filip\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Filip\AppData\Local\Temp\Yawtix
Folder Deleted : C:\Users\Filip\AppData\Local\Babylon
Folder Deleted : C:\Users\Filip\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Filip\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Filip\AppData\LocalLow\iWebar
Folder Deleted : C:\Users\Filip\AppData\LocalLow\Object Browser
Folder Deleted : C:\Users\Filip\AppData\LocalLow\Sense
Folder Deleted : C:\Users\Filip\AppData\Roaming\ASP
Folder Deleted : C:\Users\Filip\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Filip\AppData\Roaming\Browser Extensions
Folder Deleted : C:\Users\Filip\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Filip\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}
Folder Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Folder Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Folder Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Folder Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbecdmcnlcoebdcidcfdkoimbjkcegbc
[/!\] Not Deleted ( Junction ) : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
File Deleted : C:\Windows\SpeedItup Free Setup Log.txt
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Filip\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Filip\Desktop\Live PC Help.lnk
File Deleted : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\dsrlte.xml
File Deleted : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchSignup
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : Yahoo! Search
Task Deleted : Yahoo! Search Updater
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-1
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-3
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-4
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-5
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-6
Task Deleted : 6b144b32-e986-48bc-9bb6-1646fce85034-7
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-1
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-3
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-4
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-5
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-6
Task Deleted : 6ec23ea0-6ec8-40dc-b686-74a437d9d25f-7
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-1
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-2
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-3
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-4
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-5
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-6
Task Deleted : f3c825f8-dc21-4793-9f24-12a483c004ae-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbecdmcnlcoebdcidcfdkoimbjkcegbc
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKCU\Software\Classes\keepmysearch
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Extensions]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0032850.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0032850.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0032850.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0032850.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344284450}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411821192}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311281150}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551110}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{223C15B5-5420-4954-97C8-CE34D9C9D857}
Key Deleted : HKCU\Software\GOffers
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\iWebar
Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Browser Extensions
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\iWebar
Key Deleted : HKLM\SOFTWARE\Object Browser
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iWebar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[hd37auco.default\prefs.js] - Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108602&tt=050412_30b");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "041db36f00000000000000262274c935");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "041db36f00000000000000262274c935");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15435");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=108602&tt=050412_30b&babsrc=NT_ss&mntrId=041db36f00000000000000262274c935");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:06:30");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A941953%2C%22ver%22%3A42%[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_941962.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_941964.value", "%22/*%21%5Cn%20*%20domready%20%28c%29%20Dustin%20Dia[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_941970.value", "%22%28function%20%28%29%20%7B%5Cr%5Cn%5Cr%5Cn%5Ct//%[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[hd37auco.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "145c71a3eebd53f93a0e041c1c52f44c");
[hd37auco.default\prefs.js] - Line Deleted : user_pref("startpage.ntsearch_url", "hxxps://search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=238417&p={searchTerms}");

-\\ Google Chrome v39.0.2171.95

[C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}
[C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm
[C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm

*************************

AdwCleaner[R0].txt - [21800 octets] - [09/01/2015 21:00:07]
AdwCleaner[S0].txt - [21305 octets] - [09/01/2015 21:02:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21366 octets] ##########

Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by Filip on p  09.01.2015 at 21:09:13,49.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Filip\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9.1.2015 21:12:33 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\PROGRA~3\dfed7653-07f4-44f2-abaa-a70c946c17c3 deleted successfully
C:\Users\Filip\AppData\Roaming\WebTest deleted successfully
C:\Users\Filip\AppData\Local\GHISLER deleted successfully
C:\Users\Filip\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ED97F4AE-187A-41EC-9F59-0AA36CFE6F77} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1005FB84-9BE1-49FD-8B7E-3FB15531286} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10063B2F-3205-4260-8188-5653C365AA84} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10080733-8CAE-4199-AE77-B868EF1D2862} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1011F84F-6C0C-4224-8B71-4D9442F86EE} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{101BD16D-EB91-40EB-87C2-4D9C6CB45480} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{101D988B-7F4E-46E9-8FF4-A11ABDD828BB} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1020732-EA33-42DE-8DC2-4A1ACFB18539} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10224C9F-2EA1-483D-9674-B899576CFB34} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10245E6B-9271-477D-BFAB-BEFB9A458CD6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1032B3B7-F6A-440F-B9DA-918ED3BE56AC} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1032C5A9-131-4D77-9E6E-57C71EEF67D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1032FD84-501B-44C8-AF92-B786B3B31ED} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{103CD3D6-DC8D-4459-B95C-1E971BDAD72E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{104C38A1-2293-4B6A-AA13-2C5576BDBC57} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1073BD7C-339A-4AC5-8649-961DB8BEDD4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{108A9E15-3D5A-47D9-94C3-0E225EA655D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{108CE675-930A-43F7-94D5-13DCDB9684A7} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10A6A68D-DF52-4A2D-832B-875945E2992} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10AC4966-FC0F-4B20-88C6-A275B7C5262C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10C2B8E4-4408-4299-873B-7374E68DE1B0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10C41FC7-C81C-4084-B55D-BF2C525336F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10C71DD8-A72E-4AE3-81FC-AC8058761C4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10CD90FC-E98C-4F07-B4F-9C19E8FC49E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D20806-D419-4A0E-95E8-65EE989973A6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D4B969-785E-4F18-8588-BFB81DC79FD8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D5F6AE-9C8E-414F-931D-965EB474A3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10DF14E-7C93-4717-A853-8158FF6C471A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10E3FAC9-64EE-4608-A35B-B462F4D9547E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10F0691A-1FDE-4273-8837-52F7C2748BB} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{110546FE-77AE-45EC-8815-FD4F9EDE13E1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11224A91-39AB-4AAA-9866-AB3DFE43AE5} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1126AAB3-CFA8-468D-9684-C2E21CAA1D3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{114197F8-F52D-4A07-9DB2-A6E2268286A0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11604543-DB6A-4B8E-BDCD-C88CE9D6B2C4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{117A67DC-6630-497D-99F7-B38C62D569C8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{117FFBD8-3523-4AA7-985D-E7C8BA43F99} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11909D04-AC77-4D6A-98EC-3F7960B6E470} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{119A4A2C-2174-49E4-9AFA-91C78DCFC7F1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{119E0114-CC2E-49DC-9ADD-3023C493322A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11AAB3CA-36F8-4738-8C92-DB5939F7AD2C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11B1857F-917B-49CE-B97D-A6C547A9A68D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11C4DC7E-483A-4086-9EDD-FC84C1C091C6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11C7C869-A4C-4C38-BD10-A8FEB7DDC5B5} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11CB5912-5DFB-4352-AE59-77C710BED0D6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11D6D46C-831B-425E-82FE-42C441B58B64} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11EBB967-A7C9-45E7-934F-5CEE875BD9F1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11F52EFE-FFBE-46F9-A273-3E53AF8B7C83} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11FDF8A9-9BBD-4FEF-94DA-E1B275351AB1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1201413-F8BC-489E-BF6A-29DE1987A155} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{121851A6-8FF-4A2F-A3C9-BDEB1165B0BA} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{121EBC40-98A0-46C1-85D9-6D4E2EB3B3C6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{123EBA19-F80-4DCE-B826-BFB452EC4DF7} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1253CBA8-7967-4608-AAF3-2B99FC1A74F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12570B4E-F42-4043-9D4E-E3434BE995B4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{126F6F3B-9F1B-4581-A668-FC1964415F72} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{126FDA20-69F9-4585-B17C-AC7BBFA03B2B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1280443B-A63E-46A7-BFA-E1188E794B41} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{128BF7BA-71A3-4C56-B060-D8426B8E420} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{129C629B-B4CB-4620-9A70-C89ED1981B6E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12A70AD6-EF85-40C1-B049-65FCC51E732A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12B276CB-ECA2-4C27-91BB-D3BA67A03166} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12B9EB3F-C40A-4FB5-A833-7ACC73E11B2C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12BB3445-20A5-4839-AF4A-94A61CACCB75} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12D44FF2-769D-4A60-AA30-2E25721A294} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12D81351-3B3F-4C6D-8368-33D2BD3E1FE6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12DE8AAB-ECF7-4239-AFE0-26F217737C47} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12E4C16E-2DB9-4928-827B-2E3554BD96} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12E839BE-6C2F-49C0-9B1E-20B2D457B40} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130A0B01-6D41-4EA0-9579-19222F45A28} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{131ADB92-EDE0-465A-B8A6-FD24B182341} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13207B5C-CFF1-42C8-BF6F-C8982F6CD1D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13281512-B742-4798-B6B8-C293E03C70FE} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{136995B2-5579-4C99-989C-133F80D6366C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{136F63CA-E062-4C58-A8C-ADB8F2196D39} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1376626-F377-49DC-811-6AD1DB99ACC2} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{137B1CEB-88DA-4E3A-91ED-4153EDD9B6A5} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13840B9D-7B0F-4CFF-A51C-7711D331E5A3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1385427D-3819-4F07-8926-F2A9ED5A6217} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{138FCE70-FDEF-45C8-B455-AC3A2A5FCF3D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{139AB401-78DA-4666-B9CE-1A548B18B120} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13A67DEA-2FFF-41EE-A8FF-203568B1A80} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13BE5A80-CDDC-4EB1-BEA9-E5D91642250} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13CD918-130A-4EEA-841E-F307ABC4628} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13FC0257-BC78-4C3E-AA79-C6872EAC1A84} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1416D186-C7E-4CEF-BFCB-3CF43722D044} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14311858-2B7F-457A-A44A-E691DEF8A85} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{144B7FD-738B-4417-8CD-5375A04B6BF} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{144F308A-592B-4B49-8DB-22493FCA986} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1450DFAD-6C7D-45E7-A635-4EB4BB9D457F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14517E0E-9E1D-4B00-8658-BE538D67F9E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{145BBBA0-EB6A-4667-968F-BF4B610D8A8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14776AB6-ACD7-4B6C-BE16-19E2EEE947C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{148B4678-69D5-473F-9E93-C9A374AF91A4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1496B85E-5D4E-4BD5-9DE2-D9F7D9DFE9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14B39744-EAEE-47AA-91C4-48705E8FDBA0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14BED9F8-D1BD-4B43-BDC4-7A6EAF69ADA4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14C45189-5EEB-474C-95A7-78943A8FCD0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14EAB535-D848-4623-8C98-42CD66643319} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14F34908-3149-45E7-A718-9628EEFC53A2} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{150480E7-54EE-4AA0-88E-12B75BFB246A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1516F225-1B6E-43CD-AA15-8EE3C5DDE9ED} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{152398CC-4EF4-4412-A733-5A9E8D72ED1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1524EDD5-3577-437D-9E3E-30C0797F6817} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1535D2BF-943B-46D3-908B-D2FABCB04F2E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1539FED2-7A88-4BD9-86A9-DB6E48191627} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1547E82E-8F8A-43DE-99BE-F98F628A899} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{154905C4-A6A4-4EEF-BC91-DFBCBE5EFFFC} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{158368C1-2939-4BCC-83C6-89BEAB962A9D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1591F5A-7DF6-49C5-BE37-786CE330EF5D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15A5C8FF-8240-484D-91B3-D78B3C32229D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15BAF751-9344-4DB8-BDC7-1F32E35AEAC6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15BDE6D3-8DEA-4ADE-A77C-AA9998BC7BA8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15C25832-89EE-4AB7-B243-76DA7DD2E3F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15C7E1E4-A5AC-4985-A343-9CA652AA6661} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15D82F5A-B33D-4EC5-AE68-BE4C31E7F9A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15F5989F-C49E-40F5-A3FF-165C3536651} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15FD3D2A-CD4D-4145-9257-6A413C8394C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160206C2-AB45-4347-A6B3-36BA4AF2F09A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160D9650-7E93-4787-A8B4-C1D9FA56CA6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16321D4E-2FB1-4194-8FEC-E9928E1BE5B1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{165D7939-4F82-4442-AEDB-86C8978CF52} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{166176B-13B1-4330-9140-8F1CB1814DA9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1692659C-2EA7-44F4-9E66-87A75D1D6791} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1692AB19-5F78-44A5-BCE4-11EA6DA62CBA} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1693E34-B772-4C86-BF6D-119639D4587B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{169B87EA-625C-4E25-9713-69BA2049D91} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16D2A2F2-52DF-4FD0-893F-9D3B9BB74E52} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16E0CBFE-A6E2-45FB-9C57-40CC26263589} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EB24D0-5591-4745-AD42-B82EEB714BC9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EFF7F2-7AC0-49A1-B969-3EC263B7E980} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16F0A109-861B-4995-8F53-84ACE5F43F34} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16F97062-E04E-410A-81C-3B55E22DD96} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{170F0AFC-679A-46BD-96C-243DE382AB2} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{171DD98B-CAF1-467A-BEC8-84354186D6D9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{172A10CA-82EA-4F81-A285-47506DEEB095} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1733922C-9E48-4D04-8923-B6A9494BAE7A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1735A06E-83EA-4509-97F5-60DD4F0747E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{173A10B5-96C8-4E3E-90E-F8BE76C58BA0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{174655A6-D2CD-422B-8FD4-D9FE8E1F664} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{174CD000-9415-45FF-A36B-39C7CC61A04C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{174D0CB5-D086-4ADD-AE3B-A4AB8C3B286B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1785381F-A27A-4BCB-A27F-B12F41DDC2} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179BBB9E-F6E2-4D54-B198-803E095DDB9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179EB22D-A318-472A-BB76-A9D5A1CEBF7A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{179F6E2D-E337-4815-8E77-ADBA9FEE2B84} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17A3DE5F-C939-4CC5-A463-411D248F996} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17ABE675-1943-4064-B8BA-64E16BFB5E3F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17BDCB23-C6FF-40F6-9414-A1CE1E12E58} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17D48667-EDAF-4842-92EC-48AA6498DD84} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{180D97D0-EB6C-4570-8347-3293F1FC97D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181A2DE2-24B5-4D1E-B65E-7B6A7F3C9988} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18357417-58C3-4490-8C63-476C37F39F32} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1842C519-FECF-4F05-8A43-B4E4111CFC18} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18519730-66B9-464B-80B5-2E587FF7C69F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1886F57D-3F62-426F-AE3B-541179CFAA8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{188AAC6D-58D9-4C71-B947-728C2DAC4C3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{189DC4C3-D74C-4A79-8D66-33F92B862A33} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18B6BA85-FDCC-4C08-B48D-7ED327F9C49} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18B91997-BC6D-4C1D-B6C7-78511F36E2D6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18C45C7B-D966-4297-BD3A-EE6311C8CC8E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18D1CEF5-A553-4866-9BF5-A07115AD780} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902A188-F558-4B4D-8FA0-C030BBBDFDD4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191BF8DC-1899-4444-9CC-24A0B71843B3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{194266A6-5CFC-4700-81D5-C195493898DF} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19527E7D-E1C9-4FBA-B26E-95E3EBBCFC3B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1957EF6E-32E3-450F-A243-3B8EFA3383E6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1958526A-AE07-4577-A7FE-475574566BB4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19683E69-BB3B-4289-A237-3E11A0752144} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{197548C3-7F00-4E5A-A520-A8A7FB3F967} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{198D5DF9-B66B-485D-ACC2-4536CCCC79A1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1993C7AB-9627-415E-8738-76B2629D9554} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1993CFD0-99E7-4E58-8AE4-D81BF965939} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1999CB61-B2D4-440E-9C6F-707648D91627} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19B72C97-96E4-4DB1-978B-2CDA174B6F55} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19ECAAA4-82EB-4088-8E8D-9531F7A0F42A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19F5A70C-FEED-4D56-B8D4-92BBD319D76} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19FAA361-AA77-49B9-ABF-25CF4C2B2697} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A0031B0-95A9-42BA-AE21-3BED69DAE7E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A0BBB5-EF2-4201-8423-F983C4B076BD} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A18C122-EBAF-48E0-AE19-282FC45C3683} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A22A0D3-D40E-4657-92DA-3B8A9BCBBF6A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A2D191B-D4EA-4F61-917E-8662975352} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A4E89E7-4CBC-4DAE-B55D-6AAE4D3941AC} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A5FC13D-A99C-4F03-8817-62929493E0D3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A74BDF4-99B3-4E10-89CD-9516E61B89D1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A91EC9C-7425-48D9-AA37-29C021942DAD} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A98B9FE-6059-49E3-B82A-D3A554D5F0D3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A9E476F-1F50-4368-A365-DD5EDB8DB33} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AA5208E-6CF2-40B9-B5B5-487193A8ED29} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AB95D58-76C-41E8-A456-2FD8D24593E4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AC390C1-2BB3-4D53-932-85FF4F6E4B3D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ADF7BEC-520C-4323-93F1-6091B337A032} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AF5D9F7-7E00-4C8F-AF1C-43E740309C7} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AF9B1F9-21E7-4162-A5BB-8A425574B120} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B45023-FCBF-466B-A286-B6B20389376} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B54DBFC-CFE4-4D1F-A576-D24F6DFF782D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B55079F-E4A8-45A5-B3A7-2E1F6419F4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B63AAC-9834-41AF-89A4-81E1683BB23A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B67D469-1E61-4E45-83F1-C1CE2AE5A54} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B6B1262-5EE4-49A3-BF45-E2B76D381B6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B89FE0E-1B3F-4045-B6DB-F77FC45C45C3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B9CC50E-9F89-45DB-8E3F-9A38384AB467} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BA9B7D1-7D6D-4B1C-AF64-68ADB16BD7B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BAB1E94-B1E9-4644-ABFE-9F58CD62A372} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BB31ED5-F017-4719-AD73-556625E415C9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BD2C7C-40FB-47BE-9D18-B496E8EE7695} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BD4433D-5AD-44B0-A5E6-FBF9C8CA5C29} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C275556-A64E-49A9-B39B-18C7A84C96C7} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C2AF555-4E63-41D3-A617-9477C39EEA0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C45B97B-26A0-41C1-9ADD-2A8D5F30DE28} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C61021E-8C-4DB0-ADF2-E53F1D15E8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C6AFBB3-6CE9-446C-B2F3-624788A2522C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C7B6A8C-D943-432A-AAF4-9D89EE6859} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C8D9E30-DC35-4EF7-994-4E50D73A3519} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C930CD9-E1FB-476E-A938-43BD1F64F649} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C943C5F-87A8-4371-B27A-A914C583690} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CAE7954-6D2C-4A65-A7D6-49E68DB5DCE6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CAFE9A2-FF87-4D4D-8498-82531D92E6C3} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CC812A9-6B24-490A-A8F0-F697EBAFA112} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CE5FEC-58B5-4461-AEB5-224958C09E2A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CEE3D0F-514C-43DE-91D7-7222A86EF35} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D0F29B7-BCB1-4052-BF5B-C4C339BEF445} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D151716-ABA5-4A32-BC7-13DDF6A1B3} deleted successfully

HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD1F143-B18B-472C-B38C-7143D2FF28D9} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD2A3B50-C31D-403F-9747-AE805DC19335} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD3C30B7-B206-436F-856-4341AB3897DD} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD464B58-E0E-4BBE-BA26-4C9DDCFC5987} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD4848F1-F0BF-4364-9459-1B969477D6C5} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD584041-A998-41F9-9C86-B1C56024C1F4} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD5F2469-EF44-401C-B1ED-B6CCE799D882} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD7A1F5A-330A-4590-BC8F-99552965213} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD95F32B-68DB-4DCF-BCD4-550C1F11C62} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDB0935D-DE33-4E4C-8BA4-E06E97378173} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDCD3431-27CA-4D12-B2BF-70A2776DBD2F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDED5DDA-57B7-48B5-B7A3-50278551399A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDF44EF4-3BD6-44F7-9A78-9583983A3585} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDF8B041-9284-428E-936A-D8F508273AB} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDF9C9B1-75BD-44DD-BFD8-2A55ABFE1070} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE01E749-BD36-4370-89D5-70955EBC4C48} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE126F-61F7-4824-AC1A-818BE6EA47} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE19DF75-913-48B4-9EF3-FE4523465} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE38A68D-B05C-42E4-BED1-A8C48162B235} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE40BAAC-EC4F-4CCF-B8C5-68402561ED2A} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE58C69F-997C-4B95-A7A-FDF0855BC4BD} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE5BF924-818B-4E33-B0AB-CEF01AE2B531} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE5D4AC7-7D3E-42B0-B6D9-9F30EA8B8E86} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE5F6ADF-C4B5-4B72-9A9A-A1E6DFD1B81B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE82E1EB-6824-4DFD-8463-71818FDA54} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE87267-2F97-4705-91F4-A21C17809937} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE888D6C-C615-4221-B8D6-CB9BE9F160E7} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE8F58F0-8BD6-4007-BABA-AD484B2A613} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE9E252F-A704-4A54-A3CA-4CA8D4B355D1} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEA8B1A7-2557-433E-B3F4-2880F4F733E8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEB2C8F-C1F8-4F6E-A6C7-FB6055E8EE40} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEBB88C7-4D17-4052-9188-1DBB7FDDEA9F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEC81AB5-95A1-439D-87F6-23621D70568B} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEE36F53-A779-4C41-B5A6-3B7CE020159E} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEF4DB8D-7EA8-4595-BF85-AAEA9ACE65B0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF08E2E5-4A38-4FB7-A7EE-101228DBD784} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF0F1C22-6CE1-4E53-9AE4-C24962F15B63} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF183960-CEBD-4045-9F91-CA906AF2A0C5} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF1E4D0A-5413-4C0A-81B0-2FCDDFCBA10} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF2469D3-1575-42BD-BA84-6645296373D8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF3A687-3A85-4B13-9678-291A28E2F42} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF3B9A35-44E2-455E-9BEE-79913D124E9D} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF43ECBC-453F-4F61-855A-41C32E256C6F} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF51970F-EE2C-499C-BD6E-AA449D23D13C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF6B6D13-4D09-492D-94B5-B0C6E65BCCB} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF6F3FD9-7C2E-4A4D-A047-ECE355B68BFA} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF71611F-1B84-42E3-A62B-3EBBD4B73F0} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF755B7C-5A-4B4E-A16E-152AF118CEAE} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF7B4A9D-9A1A-4DBE-B015-3BD287432CE6} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF8E18FF-4326-4C19-A3B6-13AF1B8AFE9C} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFB5FE6E-849-47A4-B411-1A4A38B3EAE8} deleted successfully
HKEY_USERS\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFC07E13-10E4-431C-A226-938EA341D0E8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57570b49-d71d-4634-b994-bb917747749d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9fa8f186-409f-47b4-a33e-185d925509bd} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d5affead-acec-41c4-af4f-e7f31a0d73de} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e7257339-7e14-49f9-b7d8-8ac4fbf698ab} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MaintainerSvc5.70.609258 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MaintainerSvc5.70.609258 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "https://search.yahoo.com/search?fr=gree ... =238417&p=");

Added to C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\prefs.js:

ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_10.01.2015_0000_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Display Offer deleted
C:\user.js deleted
C:\Users\Filip\AppData\Roaming\YoudaGames deleted
C:\PROGRA~3\spds90.txt deleted
C:\Users\Filip\AppData\Local\Installer deleted
C:\windows\SysNative\tasks\UNELEVATE_19223 deleted
C:\windows\SysNative\Tasks\SPBIW_UpdateTask_Time_323635373632393533312d3437415a556c2a3223346c41 deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com deleted
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com deleted
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default
- Undetermined - {62DD0A97-FDD4-421b-94A5-D1A9434450C7}
- Undetermined - {DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4}
- Undetermined - {CA8C84C6-3918-41b1-BE77-049B2BDD887C}
- Undetermined - zzoomit@zoom.com
- Undetermined - 2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
- Undetermined - 9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
- Undetermined - 143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
- Zoom It - %ProfilePath%\extensions\zzoomit@zoom.com
- Start Page - %ProfilePath%\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7}
- Ebay Shopping Assistant by Spigot - %ProfilePath%\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C}
- Amazon Shopping Assistant by Spigot - %ProfilePath%\extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4}
- Nokia Drop - %ProfilePath%\extensions\jid1-uzLUl48X4QaYDA@jetpack.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Click to call with Skype - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default
9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash
A63259925ADB2A1181C712513EBFB8ED - C:\Users\Filip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Deleted Firefox Extensions ======================

C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)



==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5IFNPFXH will be deleted at reboot
C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\INVW5EZA will be deleted at reboot
C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5G59EGI will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Filip\AppData\Local\Mozilla\Firefox\Profiles\hd37auco.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=379 folders=49 22950923 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Filip\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Filip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5IFNPFXH" not found
"C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\INVW5EZA" not found
"C:\Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5G59EGI" not found
"C:\Users\Filip\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\A3J9LZFR\www.sogood.com" not found

==== EOF on so 10.01.2015 at 0:12:27,15 ======================

Zoek pracoval dlouho, ale hezky to procisitil

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Ano chvilku mu to trvalo , ale výsledek už je znát

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Filip (administrator) on FILIP-PC on 10-01-2015 12:18:17
Running from C:\Users\Filip\Desktop
Loaded Profile: Filip (Available profiles: Filip)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5549768 2014-09-30] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2012-01-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [SpeedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [uTorrent] => C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-23] (BitTorrent Inc.)
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [S60 PC Suite Tray] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\MountPoints2: {55c2eac9-3327-11e3-bc4b-00262274c935} - F:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Samsung.PCSync] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3422153077-2317573961-1470461061-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.101.1 10.10.10.10

FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default
FF DefaultSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3422153077-2317573961-1470461061-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\yahoo_ff.xml
FF Extension: Zoom It - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\zzoomit@zoom.com [2014-12-25]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2014-10-22]
FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} [2014-10-22]
FF Extension: Nokia Drop - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\jid1-uzLUl48X4QaYDA@jetpack.xpi [2013-04-17]
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-01-09]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2014-05-04]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-15]
CHR Extension: (Peněženka Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-09]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343920 2014-09-30] (ESET)
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
S2 Update Yawtix; "C:\Program Files (x86)\Yawtix\updateYawtix.exe" [X]
S2 Util Yawtix; "C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [240344 2014-09-30] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [240344 2014-09-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-09-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2014-09-30] (ESET)
S2 SPDRIVER_1.38.0.1437; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 12:19 - 2015-01-10 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-01-10 12:19 - 2015-01-10 12:19 - 00000000 ____D () C:\ProgramData\ESET
2015-01-10 12:19 - 2015-01-10 12:19 - 00000000 ____D () C:\Program Files\ESET
2015-01-10 12:18 - 2015-01-10 12:18 - 00010791 _____ () C:\Users\Filip\Desktop\FRST.txt
2015-01-10 12:16 - 2015-01-10 12:18 - 00000000 ____D () C:\FRST
2015-01-10 12:14 - 2015-01-10 12:15 - 02124288 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2015-01-10 00:18 - 2015-01-10 00:18 - 00750273 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-01-10 00:08 - 2015-01-09 21:08 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-09 21:12 - 2015-01-10 00:12 - 00750273 _____ () C:\zoek-results.log
2015-01-09 21:08 - 2015-01-10 00:03 - 00000000 ____D () C:\zoek_backup
2015-01-09 21:08 - 2015-01-09 21:08 - 01295360 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-01-09 21:00 - 2015-01-09 21:02 - 00000000 ____D () C:\AdwCleaner
2015-01-09 20:28 - 2015-01-09 20:55 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\rsit
2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-24 12:58 - 2014-12-24 12:58 - 00000000 __SHD () C:\Users\Filip\AppData\Local\EmieBrowserModeList
2014-12-17 23:05 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 23:05 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 10:46 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 10:46 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 10:45 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 10:45 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 10:45 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 10:45 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 10:45 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 10:45 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 10:45 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 10:45 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 10:45 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 10:45 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 10:45 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 10:45 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 10:45 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 10:45 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 10:45 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 10:45 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 10:45 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 10:45 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 10:45 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 10:45 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 10:45 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 10:45 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 10:45 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 10:45 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 10:45 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 10:45 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 10:45 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 10:45 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 10:45 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 10:45 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 10:45 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 10:45 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 10:45 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 10:45 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 10:45 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 10:45 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 10:45 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 10:45 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 10:45 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 10:45 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 10:45 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 10:45 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 10:45 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 10:45 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 10:45 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 10:45 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 10:45 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 10:45 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 10:45 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 10:45 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 10:45 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 10:45 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 10:45 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 10:45 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 12:20 - 2014-05-09 14:35 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\uTorrent
2015-01-10 12:16 - 2009-07-14 05:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 12:16 - 2009-07-14 05:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 12:09 - 2012-02-15 19:23 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 12:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 12:09 - 2009-07-14 05:51 - 00054759 _____ () C:\Windows\setupact.log
2015-01-10 00:25 - 2011-10-03 20:45 - 01830424 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 00:10 - 2011-10-03 22:00 - 00168638 _____ () C:\Windows\PFRO.log
2015-01-10 00:02 - 2012-02-15 19:23 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 23:32 - 2012-08-11 06:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-09 23:06 - 2014-06-30 12:56 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-01-09 21:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-09 21:04 - 2012-05-06 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-09 20:55 - 2014-12-09 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-09 20:55 - 2011-10-03 20:55 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-09 20:47 - 2012-08-11 06:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-09 20:47 - 2012-08-11 06:45 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-09 20:47 - 2011-10-03 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-09 20:19 - 2011-10-30 08:08 - 00000000 ____D () C:\Users\Filip\AppData\Local\Adobe
2015-01-09 20:14 - 2009-07-14 16:18 - 00622660 _____ () C:\Windows\system32\perfh005.dat
2015-01-09 20:14 - 2009-07-14 16:18 - 00118810 _____ () C:\Windows\system32\perfc005.dat
2015-01-09 20:14 - 2009-07-14 06:13 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-09 19:49 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-01-09 19:44 - 2011-10-03 21:03 - 00000000 ____D () C:\Users\Filip\AppData\Local\ESET
2015-01-08 19:36 - 2014-08-05 13:44 - 00000000 ____D () C:\Windows\Software Display
2015-01-08 19:36 - 2014-08-05 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Display
2015-01-08 19:36 - 2014-08-05 13:44 - 00000000 ____D () C:\Program Files (x86)\Software Display
2015-01-06 04:36 - 2011-10-03 21:11 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-25 08:41 - 2014-08-07 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-13 04:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 03:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 03:08 - 2013-08-16 13:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 03:08 - 2011-10-03 21:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 03:03 - 2011-10-29 20:30 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-07 15:57

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [NPSStartup] => [X]
  HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2012-01-02] (Samsung Electronics Co., Ltd.)
  HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [SpeedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
  HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [uTorrent] => C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-23] (BitTorrent Inc.)
  HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [S60 PC Suite Tray] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
  HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\MountPoints2: {55c2eac9-3327-11e3-bc4b-00262274c935} - F:\LGAutoRun.exe
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  FF SearchPlugin: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\yahoo_ff.xml
  FF Extension: Zoom It - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\zzoomit@zoom.com [2014-12-25]
  FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2014-10-22]
  FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} [2014-10-22]
  FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]
  
  S2 Update Yawtix; "C:\Program Files (x86)\Yawtix\updateYawtix.exe" [X]
  S2 Util Yawtix; "C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe" [X]
  S2 SPDRIVER_1.38.0.1437; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.sys [X]
  
  C:\Program Files (x86)\SpeedItup Free
  C:\Program Files (x86)\Yawtix
  C:\Program Files (x86)\ShopperPro
  2015-01-10 12:18 - 2015-01-10 12:18 - 00010791 _____ () C:\Users\Filip\Desktop\FRST.txt
  2015-01-10 00:18 - 2015-01-10 00:18 - 00750273 _____ () C:\Users\Filip\Desktop\zoek-results.txt
  2015-01-10 00:08 - 2015-01-09 21:08 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2015-01-09 21:12 - 2015-01-10 00:12 - 00750273 _____ () C:\zoek-results.log
  2015-01-09 21:08 - 2015-01-10 00:03 - 00000000 ____D () C:\zoek_backup
  2015-01-09 21:08 - 2015-01-09 21:08 - 01295360 _____ () C:\Users\Filip\Desktop\zoek.exe
  2015-01-09 21:00 - 2015-01-09 21:02 - 00000000 ____D () C:\AdwCleaner
  2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\rsit
  2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\Program Files (x86)\trend micro
  2015-01-10 00:02 - 2012-02-15 19:23 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  2015-01-09 23:32 - 2012-08-11 06:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  2015-01-09 23:06 - 2014-06-30 12:56 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Filip at 2015-01-11 19:34:42 Run:1
Running from C:\Users\Filip\Desktop
Loaded Profile: Filip (Available profiles: Filip)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2012-01-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [SpeedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [uTorrent] => C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-23] (BitTorrent Inc.)
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\Run: [S60 PC Suite Tray] => C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\...\MountPoints2: {55c2eac9-3327-11e3-bc4b-00262274c935} - F:\LGAutoRun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF SearchPlugin: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\yahoo_ff.xml
FF Extension: Zoom It - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\zzoomit@zoom.com [2014-12-25]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2014-10-22]
FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} [2014-10-22]
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]

S2 Update Yawtix; "C:\Program Files (x86)\Yawtix\updateYawtix.exe" [X]
S2 Util Yawtix; "C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe" [X]
S2 SPDRIVER_1.38.0.1437; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1437\jsdrv.sys [X]

C:\Program Files (x86)\SpeedItup Free
C:\Program Files (x86)\Yawtix
C:\Program Files (x86)\ShopperPro
2015-01-10 12:18 - 2015-01-10 12:18 - 00010791 _____ () C:\Users\Filip\Desktop\FRST.txt
2015-01-10 00:18 - 2015-01-10 00:18 - 00750273 _____ () C:\Users\Filip\Desktop\zoek-results.txt
2015-01-10 00:08 - 2015-01-09 21:08 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-09 21:12 - 2015-01-10 00:12 - 00750273 _____ () C:\zoek-results.log
2015-01-09 21:08 - 2015-01-10 00:03 - 00000000 ____D () C:\zoek_backup
2015-01-09 21:08 - 2015-01-09 21:08 - 01295360 _____ () C:\Users\Filip\Desktop\zoek.exe
2015-01-09 21:00 - 2015-01-09 21:02 - 00000000 ____D () C:\AdwCleaner
2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\rsit
2015-01-09 19:52 - 2015-01-09 19:56 - 00000000 ____D () C:\Program Files (x86)\trend micro
2015-01-10 00:02 - 2012-02-15 19:23 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 23:32 - 2012-08-11 06:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-09 23:06 - 2014-06-30 12:56 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NPSStartup => value deleted successfully.
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AutoStartNPSAgent => value deleted successfully.
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpeedItupFree => value deleted successfully.
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\S60 PC Suite Tray => value deleted successfully.
"HKU\S-1-5-21-3422153077-2317573961-1470461061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55c2eac9-3327-11e3-bc4b-00262274c935}" => Key deleted successfully.
HKCR\CLSID\{55c2eac9-3327-11e3-bc4b-00262274c935} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\searchplugins\yahoo_ff.xml => Moved successfully.
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\zzoomit@zoom.com => Moved successfully.
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} => Moved successfully.
C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\hd37auco.default\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
Update Yawtix => Service deleted successfully.
Util Yawtix => Service deleted successfully.
SPDRIVER_1.38.0.1437 => Service deleted successfully.
"C:\Program Files (x86)\SpeedItup Free" => File/Directory not found.
"C:\Program Files (x86)\Yawtix" => File/Directory not found.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
C:\Users\Filip\Desktop\FRST.txt => Moved successfully.
C:\Users\Filip\Desktop\zoek-results.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Filip\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files (x86)\trend micro => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Program Files\Common Files\ShopperPro => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 141.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:35:12 ====

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Děkuji za skvělou pomoc

Nemate zac, rad jsem pomohl Zase nekdy


A na zaklade Pravidla o zamykani temat