Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2015-03-18 17:17:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (3%) free of 954 GB
Total RAM: 4095 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:11, on 18.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\Rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\mjcm\dnkt.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbhelper.dll
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O3 - Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
O3 - Toolbar: Pivot Stickfigure DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: (no name) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - (no file)
O3 - Toolbar: (no name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: (no name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [ConduitHelper] "C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Martin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [f.lux] "C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Games\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\progra~2\search~1\search~1\datamngr.dll c:\progra~2\search~1\search~1\iebho.dll c:\progra~2\contin~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SluA3ba DealPly Live (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: SluA3ba DealPly Live (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17013 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {ED3CAEFF-21F7-442C-B01A-03600759950F}
C:\Windows\SysWOW64\Rundll32.exe "C:\Users\Martin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IB Updater\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\dmwu.exe
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2344
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2624
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Windows\SysWOW64\mjcm\dnkt.exe"
"C:\Windows\System32\tprb\dnkt.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-eb878f39-fd7c-4849-9d65-7febbae4d700 -SystemEventPortName:HostProcess-0e620d9c-2c7c-4d1c-8b17-9fdb7ab302f3 -IoCancelEventPortName:HostProcess-a523b9f2-f530-4e85-8ebc-3304c44acc98 -NonStateChangingEventPortName:HostProcess-f0708f0d-cd75-408f-ab8c-ce9d3f585b60 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:29c2f9e4-69d8-417f-86d8-66bdc69eb7be -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
taskmgr.exe /3
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Martin\AppData\Local\Steam\htmlcache" -steampid 1344 -buildid 1426632241 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
taskeng.exe {81495B34-83AD-44BE-BD22-E122AC1F4EFD}
"C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe" /automatic
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="4384.0.1445169255\1052947916" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="4384.1.1492960164\1706516003" /prefetch:673131151
"C:\Program Files (x86)\TuneUp Utilities 2012\TUDefragBackend64.exe" \\.\pipe\TuneUpDefrag5804
"C:\Users\Martin\Downloads\RSITx64.exe"
taskeng.exe {6BB965A7-4D37-4E92-B431-AA7B9299EF69}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /c
C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /ua /installsource scheduler
C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 68976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-05 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-05 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbcore3.dll [2011-06-22 2398720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Pivot Stickfigure DB Toolbar - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbcore3.dll [2011-06-22 2398720]
{99079a25-328f-4bd4-be04-00955acaa0a7}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{F9639E4A-801B-4843-AEE3-03D9DA199E77}
{88ac3cb6-596b-4217-964c-b6757ef9602d}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2014-02-26 4689584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PSwitch"=C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe [2012-01-03 5299768]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"BackgroundContainer"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]
"uTorrent"=C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [2015-03-04 1742928]
"f.lux"=C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe [2012-07-09 1061008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files (x86)\Clownfish\Clownfish.exe [2011-11-28 986624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-02-17 3978600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN]
C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe [2012-09-10 196784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-03-17 2887872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [2015-03-04 1742928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~2\Hamachi\hamachi.exe [2014-12-01 624416]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2014-02-26 4689584]
"RemoteControl"=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"LGODDFU"=C:\Program Files (x86)\lg_fwupdate\lgfw.exe [2012-11-05 27760]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"ConduitHelper"=C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [2011-08-31 274216]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Smart File Advisor"=C:\Program Files (x86)\Smart File Advisor\sfa.exe [2011-04-04 280824]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-05 5227112]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2012-12-25 4474832]
""= []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-02-17 3978600]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansurf.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate-windows.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avic.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\badoo.desktop.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\basics.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllfixer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proxyswitcher.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\statsreader.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teamviewer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tunngle.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmnetcfg.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmplayer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmware.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\yourfile.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"vidc.XVID"=xvidvfw.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux3"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-03-18 17:17:11 ----D---- C:\Program Files\trend micro
2015-03-18 17:17:10 ----D---- C:\rsit
2015-03-10 16:45:33 ----D---- C:\Users\Martin\AppData\Roaming\uplay
2015-03-09 17:44:08 ----D---- C:\Program Files (x86)\R.G. Freedom
2015-03-07 22:02:29 ----A---- C:\autoexec.bat
2015-03-07 22:00:55 ----D---- C:\Program Files\Enigma Software Group
2015-03-03 18:43:23 ----D---- C:\Program Files\Sony
2015-03-03 18:20:15 ----D---- C:\Users\Martin\AppData\Roaming\Sony Creative Software Inc
2015-02-28 20:55:09 ----D---- C:\Program Files (x86)\CatACat
======List of files/folders modified in the last 1 month======
2015-03-18 17:17:23 ----D---- C:\Windows\Prefetch
2015-03-18 17:17:19 ----D---- C:\Windows\Temp
2015-03-18 17:17:11 ----D---- C:\Program Files
2015-03-18 16:40:07 ----D---- C:\Program Files (x86)\Steam
2015-03-18 15:50:40 ----D---- C:\Windows\system32\config
2015-03-18 15:33:13 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2015-03-18 15:27:23 ----D---- C:\Windows\system32\Tasks
2015-03-18 15:27:05 ----D---- C:\ProgramData\NVIDIA
2015-03-17 20:24:16 ----SHD---- C:\System Volume Information
2015-03-14 14:59:50 ----SHD---- C:\Windows\Installer
2015-03-14 14:57:52 ----RSD---- C:\Windows\assembly
2015-03-14 14:40:09 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-12 15:47:51 ----A---- C:\Windows\ntbtlog.txt
2015-03-10 17:29:34 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2015-03-10 17:17:47 ----D---- C:\ProgramData\Microsoft Help
2015-03-10 16:29:06 ----D---- C:\ProgramData\Package Cache
2015-03-10 16:02:44 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-10 15:43:48 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2015-03-09 17:44:08 ----RD---- C:\Program Files (x86)
2015-03-08 14:01:04 ----D---- C:\Users\Martin\AppData\Roaming\Sony
2015-03-08 08:33:30 ----D---- C:\Windows\system32\drivers
2015-03-07 09:25:59 ----D---- C:\Program Files (x86)\Rockstar Games
2015-03-06 15:18:26 ----D---- C:\Program Files (x86)\SpeedFan
2015-03-03 19:24:53 ----D---- C:\ProgramData\Sony
2015-03-03 18:55:16 ----D---- C:\Windows\Microsoft.NET
2015-03-03 18:53:26 ----D---- C:\Windows\SysWOW64
2015-03-03 17:52:26 ----D---- C:\Users\Martin\AppData\Roaming\MMFApplications
2015-03-03 17:51:32 ----D---- C:\Games
2015-03-02 17:50:15 ----D---- C:\Windows\System32
2015-03-01 13:42:28 ----D---- C:\Users\Martin\AppData\Roaming\DarknessII
2015-03-01 08:04:14 ----D---- C:\Program Files (x86)\lg_fwupdate
2015-03-01 08:04:11 ----A---- C:\Windows\lgfwup.ini
2015-02-25 15:31:35 ----D---- C:\Windows\system32\catroot2
2015-02-23 20:11:07 ----D---- C:\Users\Martin\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-05 267632]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2011-12-15 2687592]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-05 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-05 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-04 283064]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-04-15 127384]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-05 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-05 116728]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2012-07-31 38992]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-24 11856]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2014-03-03 690864]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-12 868848]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files (x86)\BurnInTest\DirectIo.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 61808]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-05-12 121416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2014-05-19 13480]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-08-01 38632]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-12-17 42184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-05 50344]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-02-17 2490216]
R2 IB Updater;IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [2013-01-29 188760]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2015-01-05 3039536]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-02-16 417552]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-10-13 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-10 76888]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-30 2123584]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-12-12 27768]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-17 835776]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2011-12-15 538000]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 dealplylive;Služba DealPly Live (dealplylive); C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-06-13 148000]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 dealplylivem;Služba DealPly Live (dealplylivem); C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-06-13 148000]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-01-30 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-13 1255736]
S4 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S4 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
S4 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-06-24 754584]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Zoek.exe v5.0.0.0 Updated 17-March-2015
Tool run by Martin on st 18.03.2015 at 18:25:01,37.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.3.2015 18:29:53 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Possible Rootkit Infection ======================
C:\Windows\installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}\L
C:\Windows\installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}\U
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\BioWare deleted successfully
C:\PROGRA~2\Black Forest Games deleted successfully
C:\PROGRA~2\CatACat deleted successfully
C:\PROGRA~2\Goat Simulator deleted successfully
C:\PROGRA~2\Midway Home Entertainment deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Saucy Releases deleted successfully
C:\PROGRA~2\Team JPN deleted successfully
C:\PROGRA~2\Unigine deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Rockstar Games deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Turbine deleted successfully
C:\PROGRA~3\Unity deleted successfully
C:\Users\Martin\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Martin\AppData\Roaming\TP deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\SearchScopes\{54EDFBA8-A017-46C2-B716-8C1A9E098BCA} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{64182481-4F71-486B-A045-B233BD0DA8FC} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110011341191} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\fbphotozoom@installdaddy.com deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p=");
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default\prefs.js:
Added to C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\BioWare not found
C:\PROGRA~2\Black Forest Games not found
C:\PROGRA~2\CatACat not found
C:\PROGRA~2\Goat Simulator not found
C:\PROGRA~2\Midway Home Entertainment not found
C:\PROGRA~2\Saucy Releases not found
C:\PROGRA~2\Team JPN not found
C:\PROGRA~2\Unigine not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\PROGRA~2\TunnelBear deleted
C:\Users\Martin\AppData\LocalLow\uTorrentBar deleted
C:\Users\Martin\.android deleted
C:\PROGRA~2\Warner Bros. Interactive Entertainment deleted
C:\PROGRA~2\Empire Interactive deleted
C:\PROGRA~2\Paradox Interactive deleted
C:\PROGRA~2\Proxy Switcher Standard deleted
C:\PROGRA~2\Smart File Advisor deleted
C:\PROGRA~2\PrivitizeVPN deleted
C:\PROGRA~2\Solibo Ltd deleted
C:\PROGRA~2\WhiteSmokeTranslator deleted
C:\~C5FF.tmp deleted
C:\~CCEF.tmp deleted
C:\~E7AF.tmp deleted
C:\extensions deleted
C:\prefs.js deleted
C:\user.js deleted
C:\install.exe deleted
C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\Users\Martin\eax.dll deleted
C:\Users\Martin\ogg.dll deleted
C:\Users\Martin\vorbis.dll deleted
C:\Users\Martin\vorbisFile.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\SeaurCh-NNewTab deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Martin\AppData\Local\CRE deleted
C:\Users\Martin\AppData\Local\Updater3491 deleted
C:\Users\Martin\AppData\Local\cache deleted
C:\Users\Martin\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solibo Ltd deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaurCh-NNewTab deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator deleted
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-59572626-2808751585-3448677005-1002 deleted
C:\Users\Martin\Downloads\iLividSetupV1 (1).exe deleted
C:\Users\Martin\Downloads\iLividSetupV1.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_cryengine.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_microsoft-powerpoint.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe deleted
C:\Users\Martin\AppData\LocalLow\SkwConfig.bin deleted
C:\Users\Martin\AppData\LocalLow\BS_Player deleted
C:\Users\Martin\AppData\LocalLow\DataMngr deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.tmp deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\DLL-files.com Fixer deleted
C:\Windows\Syswow64\mjcm deleted
C:\windows\SysNative\tprb deleted
C:\Windows\Syswow64\shoB045.tmp deleted
C:\Windows\Syswow64\tmp1457.tmp deleted
C:\Windows\Syswow64\tmp14A6.tmp deleted
C:\Windows\Syswow64\tmpB3D8.tmp deleted
C:\Windows\Syswow64\tmpB408.tmp deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Users\Public\Desktop\Express Files.lnk deleted
C:\Users\Public\Desktop\iLivid Download Manager.lnk deleted
C:\Users\Public\Desktop\NCdownloader.lnk deleted
C:\Users\Martin\CFSetup.exe deleted
C:\Users\Martin\deamon tools full version v cestine.exe deleted
C:\Users\Martin\flt-ts3p.exe deleted
C:\Users\Martin\Opera_1152_int_Setup.exe deleted
C:\Users\Martin\shutdown.exe deleted
"C:\Users\Martin\AppData\Local\LumaEmu" deleted
"C:\Users\Martin\AppData\Local\{D7CEDAA0-461D-4CC3-9489-E37BDAD0FBB5}" deleted
"C:\ProgramData\42bcc206644aca3064720d724ab94a9c_c" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Proxy Settings ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0
user_pref("network.proxy.type", );
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05.02.2015 14:44]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"wcapturex@deskperience.com"="C:\Program Files (x86)\WhiteSmokeTranslator\WCaptureMoz" []
==== Firefox Extensions ======================
ExtDir: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi
==== Firefox Plugins ======================
==== Deleted Firefox Extensions ======================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cedclbokcakighlpbnbhfjffdjeihfdp - C:\Windows\SysWOW64\jmdp\pnte.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05.02.2015 09:39]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 12:27]
mjdepfkicdcciagbigfcmdhknnoaaegf - C:\Program Files (x86)\WhiteSmokeTranslator[]
mpieaakhacmfleokhjcjnpcnmnmpfkid - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx[]
==== Chromium Fix ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_twitter.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_expressfiles.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.avg.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.savemygame.fr_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.xpgamesaves.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slender.en.softonic.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Mozilla\Firefox\Extensions\wcapturex@deskperience.com deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansurf.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate-windows.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avic.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\badoo.desktop.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\basics.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllfixer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proxyswitcher.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\statsreader.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teamviewer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tunngle.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmnetcfg.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmplayer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmware.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\yourfile.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AEE57F7-F189-5EED-D4B5-C0E42FD08F09} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A835A47A-A242-5CD2-B15F-4A5DD051E13E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cedclbokcakighlpbnbhfjffdjeihfdp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=8962 folders=452 9873943236 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fbwuser7805\AppData\Local\Temp emptied successfully
C:\Users\fbwuser7A72\AppData\Local\Temp emptied successfully
C:\Users\Martin\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Martin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 18.03.2015 at 19:30:29,30 ======================
Tool run by Martin on st 18.03.2015 at 18:25:01,37.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.3.2015 18:29:53 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Possible Rootkit Infection ======================
C:\Windows\installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}\L
C:\Windows\installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}\U
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\BioWare deleted successfully
C:\PROGRA~2\Black Forest Games deleted successfully
C:\PROGRA~2\CatACat deleted successfully
C:\PROGRA~2\Goat Simulator deleted successfully
C:\PROGRA~2\Midway Home Entertainment deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Saucy Releases deleted successfully
C:\PROGRA~2\Team JPN deleted successfully
C:\PROGRA~2\Unigine deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Rockstar Games deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Turbine deleted successfully
C:\PROGRA~3\Unity deleted successfully
C:\Users\Martin\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Martin\AppData\Roaming\TP deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\SearchScopes\{54EDFBA8-A017-46C2-B716-8C1A9E098BCA} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{64182481-4F71-486B-A045-B233BD0DA8FC} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110011341191} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{88ac3cb6-596b-4217-964c-b6757ef9602d} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\fbphotozoom@installdaddy.com deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p=");
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default\prefs.js:
Added to C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\BioWare not found
C:\PROGRA~2\Black Forest Games not found
C:\PROGRA~2\CatACat not found
C:\PROGRA~2\Goat Simulator not found
C:\PROGRA~2\Midway Home Entertainment not found
C:\PROGRA~2\Saucy Releases not found
C:\PROGRA~2\Team JPN not found
C:\PROGRA~2\Unigine not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\PROGRA~2\TunnelBear deleted
C:\Users\Martin\AppData\LocalLow\uTorrentBar deleted
C:\Users\Martin\.android deleted
C:\PROGRA~2\Warner Bros. Interactive Entertainment deleted
C:\PROGRA~2\Empire Interactive deleted
C:\PROGRA~2\Paradox Interactive deleted
C:\PROGRA~2\Proxy Switcher Standard deleted
C:\PROGRA~2\Smart File Advisor deleted
C:\PROGRA~2\PrivitizeVPN deleted
C:\PROGRA~2\Solibo Ltd deleted
C:\PROGRA~2\WhiteSmokeTranslator deleted
C:\~C5FF.tmp deleted
C:\~CCEF.tmp deleted
C:\~E7AF.tmp deleted
C:\extensions deleted
C:\prefs.js deleted
C:\user.js deleted
C:\install.exe deleted
C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\Users\Martin\eax.dll deleted
C:\Users\Martin\ogg.dll deleted
C:\Users\Martin\vorbis.dll deleted
C:\Users\Martin\vorbisFile.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\SeaurCh-NNewTab deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Martin\AppData\Local\CRE deleted
C:\Users\Martin\AppData\Local\Updater3491 deleted
C:\Users\Martin\AppData\Local\cache deleted
C:\Users\Martin\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solibo Ltd deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaurCh-NNewTab deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator deleted
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-59572626-2808751585-3448677005-1002 deleted
C:\Users\Martin\Downloads\iLividSetupV1 (1).exe deleted
C:\Users\Martin\Downloads\iLividSetupV1.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_cryengine.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_microsoft-powerpoint.exe deleted
C:\Users\Martin\Downloads\SoftonicDownloader_for_surgeon-simulator-2013.exe deleted
C:\Users\Martin\AppData\LocalLow\SkwConfig.bin deleted
C:\Users\Martin\AppData\LocalLow\BS_Player deleted
C:\Users\Martin\AppData\LocalLow\DataMngr deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.tmp deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\DLL-files.com Fixer deleted
C:\Windows\Syswow64\mjcm deleted
C:\windows\SysNative\tprb deleted
C:\Windows\Syswow64\shoB045.tmp deleted
C:\Windows\Syswow64\tmp1457.tmp deleted
C:\Windows\Syswow64\tmp14A6.tmp deleted
C:\Windows\Syswow64\tmpB3D8.tmp deleted
C:\Windows\Syswow64\tmpB408.tmp deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Users\Public\Desktop\Express Files.lnk deleted
C:\Users\Public\Desktop\iLivid Download Manager.lnk deleted
C:\Users\Public\Desktop\NCdownloader.lnk deleted
C:\Users\Martin\CFSetup.exe deleted
C:\Users\Martin\deamon tools full version v cestine.exe deleted
C:\Users\Martin\flt-ts3p.exe deleted
C:\Users\Martin\Opera_1152_int_Setup.exe deleted
C:\Users\Martin\shutdown.exe deleted
"C:\Users\Martin\AppData\Local\LumaEmu" deleted
"C:\Users\Martin\AppData\Local\{D7CEDAA0-461D-4CC3-9489-E37BDAD0FBB5}" deleted
"C:\ProgramData\42bcc206644aca3064720d724ab94a9c_c" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Martin\AppData\Roaming\Thunderbird\Profiles\g4vdmxqh.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Proxy Settings ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0
user_pref("network.proxy.type", );
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05.02.2015 14:44]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"wcapturex@deskperience.com"="C:\Program Files (x86)\WhiteSmokeTranslator\WCaptureMoz" []
==== Firefox Extensions ======================
ExtDir: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi
==== Firefox Plugins ======================
==== Deleted Firefox Extensions ======================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted
==== Chromium Look ======================
Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cedclbokcakighlpbnbhfjffdjeihfdp - C:\Windows\SysWOW64\jmdp\pnte.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05.02.2015 09:39]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 12:27]
mjdepfkicdcciagbigfcmdhknnoaaegf - C:\Program Files (x86)\WhiteSmokeTranslator[]
mpieaakhacmfleokhjcjnpcnmnmpfkid - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx[]
==== Chromium Fix ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_twitter.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_expressfiles.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.avg.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.savemygame.fr_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.xpgamesaves.com_0.localstorage-journal deleted successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slender.en.softonic.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-59572626-2808751585-3448677005-1002\Software\Mozilla\Firefox\Extensions\wcapturex@deskperience.com deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansurf.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate-windows.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avic.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\badoo.desktop.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\basics.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllfixer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proxyswitcher.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\statsreader.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teamviewer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tunngle.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmnetcfg.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmplayer.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmware.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\yourfile.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AEE57F7-F189-5EED-D4B5-C0E42FD08F09} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A835A47A-A242-5CD2-B15F-4A5DD051E13E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cedclbokcakighlpbnbhfjffdjeihfdp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=8962 folders=452 9873943236 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fbwuser7805\AppData\Local\Temp emptied successfully
C:\Users\fbwuser7A72\AppData\Local\Temp emptied successfully
C:\Users\Martin\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Martin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 18.03.2015 at 19:30:29,30 ======================
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Poprosim i o AdwCleaner
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
# AdwCleaner v4.112 - Logfile created 18/03/2015 at 18:15:01
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Downloads\adwcleaner_4.112.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : dealplylive
[#] Service Deleted : dealplylivem
Service Deleted : IB Updater
[#] Service Deleted : IBUpdaterService
[#] Service Deleted : pcsuservice
***** [ Files / Folders ] *****
Folder Deleted : C:\Save
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\updaterservice
Folder Deleted : C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
Folder Deleted : C:\ProgramData\conotinuetossave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\conotinuetossave
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\BasicScan
Folder Deleted : C:\Program Files (x86)\BS_Player
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\continuetosave
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DealPlyLive
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\iLivid
Folder Deleted : C:\Program Files (x86)\incredibar.com
Folder Deleted : C:\Program Files (x86)\IObit Toolbar
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Perion
Folder Deleted : C:\Program Files (x86)\SearchCore for Browsers
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Vid-Saver
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files (x86)\YourFileDownloader
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\GotClip
Folder Deleted : C:\Program Files (x86)\Dll-Files.com Fixer
Folder Deleted : C:\Program Files (x86)\express-files
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Program Files\IB Updater
Folder Deleted : C:\Windows\System32\ARFC
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Martin\AppData\Local\ClickPotatoLiteSA
Folder Deleted : C:\Users\Martin\AppData\Local\Conduit
Folder Deleted : C:\Users\Martin\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Martin\AppData\Local\genienext
Folder Deleted : C:\Users\Martin\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Martin\AppData\Local\Minibar
Folder Deleted : C:\Users\Martin\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Martin\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Martin\AppData\Local\PackageAware
Folder Deleted : C:\Users\Martin\AppData\Local\RavenBleuSA
Folder Deleted : C:\Users\Martin\AppData\Local\vghd
Folder Deleted : C:\Users\Martin\AppData\Local\Vid-Saver
[x] Not Deleted : C:\Users\Martin\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Martin\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Martin\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Martin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Martin\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Martin\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Martin\AppData\LocalLow\express-files
Folder Deleted : C:\Users\Martin\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Martin\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Martin\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\Martin\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\Martin\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Martin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Martin\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Martin\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Martin\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Martin\AppData\Roaming\dll-files.com
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Folder Deleted : C:\Users\Martin\Documents\Mobogenie
Folder Deleted : C:\Users\Martin\Documents\PCSpeedUp
[!] Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\torntv@torntv.com.xpi
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Martin\daemonprocess.txt
File Deleted : C:\Users\Martin\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Martin\Desktop\Optimizer Pro.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.incredibar.com_0.localstorage-journal
***** [ Scheduled tasks ] *****
Task Deleted : BackgroundContainer Startup Task
Task Deleted : DealPlyLiveUpdateTaskMachineCore
Task Deleted : DealPlyLiveUpdateTaskMachineUA
Task Deleted : Express FilesUpdate
Task Deleted : Funmoods
Task Deleted : YourFile Update
Task Deleted : RunAsStdUser Task
Task Deleted : RDReminder
Task Deleted : DLL-Files.Com Fixer_Updates
Task Deleted : DLL-Files.Com Fixer_MONTHLY
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Deleted : HKCU\Software\1b12e8ea5bffd5b6833f7b66c0f0cd29
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\clickpotatolitesa
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\DealPlyLive
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SearchCore for Browsers
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\dll-files.com
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DealPly
Key Deleted : HKLM\SOFTWARE\DealPlyLive
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\IB Updater
Key Deleted : HKLM\SOFTWARE\ilivid
Key Deleted : HKLM\SOFTWARE\incredibar.com
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\SearchCore for Browsers
Key Deleted : HKLM\SOFTWARE\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\dll-files.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : [x64] HKCU\Software\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\search~1\search~1\datamngr.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\search~1\search~1\iebho.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\contin~1\sprote~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\websea~1\sprote~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:8555;hxxps=127.0.0.1:8555
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ&l=1&q=");
[0\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ&l=1&q=");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
-\\ Google Chrome v41.0.2272.89
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2786678
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.bigseekpro.com/search/toolbar/pivot ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=crb&appid=139& ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.incredibar.com/?q={searchTerms}&lang=czech&cid=1&source=365&u=92825902996636658&a=6R8U4NiDui&gc=cz&i=26&did=10963
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
-\\ Chromium v
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2786678
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.bigseekpro.com/search/toolbar/pivot ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=crb&appid=139& ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.incredibar.com/?q={searchTerms}&lang=czech&cid=1&source=365&u=92825902996636658&a=6R8U4NiDui&gc=cz&i=26&did=10963
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
*************************
AdwCleaner[R0].txt - [63972 bytes] - [18/03/2015 18:03:41]
AdwCleaner[S0].txt - [63381 bytes] - [18/03/2015 18:15:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [63441 bytes] ##########
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Downloads\adwcleaner_4.112.exe
# Option : Cleaning
***** [ Services ] *****
Service Deleted : dealplylive
[#] Service Deleted : dealplylivem
Service Deleted : IB Updater
[#] Service Deleted : IBUpdaterService
[#] Service Deleted : pcsuservice
***** [ Files / Folders ] *****
Folder Deleted : C:\Save
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\updaterservice
Folder Deleted : C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
Folder Deleted : C:\ProgramData\conotinuetossave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\conotinuetossave
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\BasicScan
Folder Deleted : C:\Program Files (x86)\BS_Player
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\continuetosave
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DealPlyLive
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\iLivid
Folder Deleted : C:\Program Files (x86)\incredibar.com
Folder Deleted : C:\Program Files (x86)\IObit Toolbar
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Perion
Folder Deleted : C:\Program Files (x86)\SearchCore for Browsers
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Vid-Saver
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files (x86)\YourFileDownloader
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\GotClip
Folder Deleted : C:\Program Files (x86)\Dll-Files.com Fixer
Folder Deleted : C:\Program Files (x86)\express-files
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Program Files\IB Updater
Folder Deleted : C:\Windows\System32\ARFC
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Martin\AppData\Local\ClickPotatoLiteSA
Folder Deleted : C:\Users\Martin\AppData\Local\Conduit
Folder Deleted : C:\Users\Martin\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Martin\AppData\Local\genienext
Folder Deleted : C:\Users\Martin\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Martin\AppData\Local\Minibar
Folder Deleted : C:\Users\Martin\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Martin\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Martin\AppData\Local\PackageAware
Folder Deleted : C:\Users\Martin\AppData\Local\RavenBleuSA
Folder Deleted : C:\Users\Martin\AppData\Local\vghd
Folder Deleted : C:\Users\Martin\AppData\Local\Vid-Saver
[x] Not Deleted : C:\Users\Martin\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Martin\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Martin\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Martin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Martin\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Martin\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Martin\AppData\LocalLow\express-files
Folder Deleted : C:\Users\Martin\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Martin\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Martin\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\Martin\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\Martin\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Martin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Martin\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Martin\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Martin\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Martin\AppData\Roaming\dll-files.com
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Folder Deleted : C:\Users\Martin\Documents\Mobogenie
Folder Deleted : C:\Users\Martin\Documents\PCSpeedUp
[!] Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\torntv@torntv.com.xpi
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Martin\daemonprocess.txt
File Deleted : C:\Users\Martin\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Martin\Desktop\Optimizer Pro.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.incredibar.com_0.localstorage-journal
***** [ Scheduled tasks ] *****
Task Deleted : BackgroundContainer Startup Task
Task Deleted : DealPlyLiveUpdateTaskMachineCore
Task Deleted : DealPlyLiveUpdateTaskMachineUA
Task Deleted : Express FilesUpdate
Task Deleted : Funmoods
Task Deleted : YourFile Update
Task Deleted : RunAsStdUser Task
Task Deleted : RDReminder
Task Deleted : DLL-Files.Com Fixer_Updates
Task Deleted : DLL-Files.Com Fixer_MONTHLY
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Deleted : HKCU\Software\1b12e8ea5bffd5b6833f7b66c0f0cd29
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\clickpotatolitesa
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\DealPlyLive
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SearchCore for Browsers
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\dll-files.com
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DealPly
Key Deleted : HKLM\SOFTWARE\DealPlyLive
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\IB Updater
Key Deleted : HKLM\SOFTWARE\ilivid
Key Deleted : HKLM\SOFTWARE\incredibar.com
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\SearchCore for Browsers
Key Deleted : HKLM\SOFTWARE\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\dll-files.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : [x64] HKCU\Software\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\search~1\search~1\datamngr.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\search~1\search~1\iebho.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\contin~1\sprote~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\websea~1\sprote~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:8555;hxxps=127.0.0.1:8555
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ&l=1&q=");
[0\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.pu-result.info/?pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ&l=1&q=");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
-\\ Google Chrome v41.0.2272.89
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2786678
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.bigseekpro.com/search/toolbar/pivot ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=crb&appid=139& ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.incredibar.com/?q={searchTerms}&lang=czech&cid=1&source=365&u=92825902996636658&a=6R8U4NiDui&gc=cz&i=26&did=10963
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
-\\ Chromium v
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2786678
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.bigseekpro.com/search/toolbar/pivot ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=crb&appid=139& ... earchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=084b861e000000000000f46d04612e12
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.incredibar.com/?q={searchTerms}&lang=czech&cid=1&source=365&u=92825902996636658&a=6R8U4NiDui&gc=cz&i=26&did=10963
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8U4NiDui&i=26&did=10963&loc=skw&search={searchTerms}
*************************
AdwCleaner[R0].txt - [63972 bytes] - [18/03/2015 18:03:41]
AdwCleaner[S0].txt - [63381 bytes] - [18/03/2015 18:15:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [63441 bytes] ##########
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
- Ulozte nejlepe na Plochu a rozbalte
- Spustte kliknutim na mbar
- Nyni postupne kliknete na Next a Update
- Po dokonceni update (aktualizace) databaze kliknete opet na Next
- Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
- Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
- Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
- Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
- PC bude restartovan
- Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.19.04
rootkit: v2015.02.25.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Martin :: MARTIN-PC [administrator]
19.3.2015 16:04:05
mbar-log-2015-03-19 (16-04-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 498094
Time elapsed: 20 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\APPID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Delete on reboot. [7ce4ee597515ab8b8446de5dcc37fd03]
HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Delete on reboot. [1f41f3547713bd7976b617546f9516ea]
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\APPID\MenuButtonIE.DLL (Adware.ClickPotato) -> Delete on reboot. [ec742126c5c5e94d5be0dc8dfc088878]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Martin\Downloads\InstallIW4M.exe (Trojan.MSIL) -> Delete on reboot. [3f21c68177138aacd6f5f48205fcba46]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Database version:
main: v2015.03.19.04
rootkit: v2015.02.25.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Martin :: MARTIN-PC [administrator]
19.3.2015 16:04:05
mbar-log-2015-03-19 (16-04-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 498094
Time elapsed: 20 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\APPID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Delete on reboot. [7ce4ee597515ab8b8446de5dcc37fd03]
HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Delete on reboot. [1f414bfc57331a1c66378baf6b989967]
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Delete on reboot. [1f41f3547713bd7976b617546f9516ea]
HKU\S-1-5-21-59572626-2808751585-3448677005-1002_Classes\APPID\MenuButtonIE.DLL (Adware.ClickPotato) -> Delete on reboot. [ec742126c5c5e94d5be0dc8dfc088878]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Martin\Downloads\InstallIW4M.exe (Trojan.MSIL) -> Delete on reboot. [3f21c68177138aacd6f5f48205fcba46]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Martin (administrator) on MARTIN-PC on 19-03-2015 18:53:02
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Flux Software LLC) C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Conduit Ltd.) C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(IObit) C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2014-02-26] (VIA)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2014-02-26] (VIA)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-11-05] (Bitleader)
HKLM-x32\...\Run: [ConduitHelper] => C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [274216 2011-08-31] (Conduit Ltd.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Smart File Advisor] => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-05] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [4474832 2012-12-25] (IObit)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [PSwitch] => C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (the data entry has 65 more characters).
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {02aaf08a-8be5-11e2-9fa7-f46d04612e12} - J:\Autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {1fc6396c-e415-11e2-99bf-005056c00008} - I:\Autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {5f77917d-c4a8-11e0-be94-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1009] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1009] => http=127.0.0.1:8555;https=127.0.0.1:8555
ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1010] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1010] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKU\S-1-5-21-59572626-2808751585-3448677005-1009\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ
HKU\S-1-5-21-59572626-2808751585-3448677005-1010\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ
URLSearchHook: HKLM-x32 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1002 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ff098d03b9
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0 ... 2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... erms}&i=26
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04612E12}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ff098d03b9
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0 ... 2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... erms}&i=26
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04612E12}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-05] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-05] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-22] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-22] (Pando Networks)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2012-10-15] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-14] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-20]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR DefaultSearchKeyword: Default -> mystart.incredibar.com/
CHR DefaultSearchURL: Default -> http://mystart.incredibar.com/?a=6R8U4N ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-18]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-18]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-30]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20]
CHR Extension: (Google Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-05] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-10] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2123584 2011-11-30] (TuneUp Software)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-05] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-04] (Disc Soft Ltd)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-05-19] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-08-12] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-12-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-24] (TuneUp Software)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
S3 DIRECTIO; \??\C:\Program Files (x86)\BurnInTest\DirectIo.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-19 18:53 - 2015-03-19 18:53 - 00031871 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-03-19 18:51 - 2015-03-19 18:51 - 00015327 _____ () C:\Users\Martin\Desktop\LM.bat
2015-03-19 18:50 - 2015-03-19 18:53 - 00000000 ____D () C:\FRST
2015-03-19 18:50 - 2015-03-19 18:51 - 00029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2015-03-19 18:49 - 2015-03-19 18:49 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2015-03-19 17:40 - 2015-03-19 17:40 - 02095616 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-03-19 16:04 - 2015-03-19 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-19 16:03 - 2015-03-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-19 16:03 - 2015-03-19 16:03 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 16:01 - 2015-03-19 16:26 - 00000000 ____D () C:\Users\Martin\Desktop\mbar
2015-03-19 16:01 - 2015-03-19 16:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 15:59 - 2015-03-19 15:59 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Martin\Desktop\mbar-1.09.1.1004.exe
2015-03-18 19:26 - 2015-03-18 18:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-18 18:29 - 2015-03-18 19:30 - 00022220 _____ () C:\zoek-results.log
2015-03-18 18:24 - 2015-03-18 19:21 - 00000000 ____D () C:\zoek_backup
2015-03-18 18:03 - 2015-03-18 18:15 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:02 - 2015-03-18 18:02 - 01305600 _____ () C:\Users\Martin\Desktop\zoek.exe
2015-03-18 17:59 - 2015-03-18 18:00 - 02171392 _____ () C:\Users\Martin\Downloads\adwcleaner_4.112.exe
2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\rsit
2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 17:13 - 2015-03-18 17:13 - 01222144 _____ () C:\Users\Martin\Downloads\RSITx64.exe
2015-03-15 18:51 - 2015-03-15 18:51 - 00000000 ____D () C:\Users\Martin\Downloads\Assassins-Creed-2-Čeština
2015-03-15 17:11 - 2015-03-15 17:11 - 00000219 _____ () C:\Users\Martin\Desktop\Portal 2.url
2015-03-14 15:04 - 2015-03-14 15:20 - 145287256 _____ () C:\Users\Martin\Downloads\Assassins-Creed-2-Čeština.rar
2015-03-12 20:49 - 2015-03-12 20:49 - 00001088 _____ () C:\Users\Martin\Desktop\ACC – zástupce.lnk
2015-03-10 16:45 - 2015-03-10 16:45 - 00000000 ____D () C:\Users\Martin\Documents\Assassin's Creed Rogue
2015-03-10 16:45 - 2015-03-10 16:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uplay
2015-03-10 14:34 - 2015-03-10 14:34 - 00039752 _____ () C:\Users\Martin\Downloads\Assassins.Creed.Rogue.CODEX.torrent
2015-03-09 19:46 - 2015-03-09 19:46 - 00002294 _____ () C:\Users\Public\Desktop\Shadow Of Mordor.lnk
2015-03-09 19:46 - 2015-03-09 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Of Mordor
2015-03-09 17:44 - 2015-03-09 17:44 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2015-03-08 14:27 - 2015-03-08 14:33 - 82543939 _____ () C:\Users\Martin\Documents\First MLG save 2nd.mp4
2015-03-08 08:01 - 2015-03-08 08:02 - 39739064 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\Windows-KB890830-x64-V5.21.exe
2015-03-07 22:02 - 2015-03-07 22:02 - 00000000 _____ () C:\autoexec.bat
2015-03-07 22:00 - 2015-03-07 22:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-03-07 21:59 - 2015-03-07 21:59 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Martin\Downloads\SpyHunter-Installer.exe
2015-03-07 12:18 - 2015-03-07 12:18 - 04046005 _____ () C:\Users\Martin\Downloads\Mafia-2-Volná-jízda-V3-mod-100%-funkční-(HOLMESOV-GAME).rar
2015-03-07 12:18 - 2015-03-07 12:18 - 00000000 ____D () C:\Users\Martin\Downloads\Mafia-2-Volná-jízda-V3-mod-100%-funkční-(HOLMESOV-GAME)
2015-03-03 18:43 - 2015-03-03 18:53 - 00000000 ____D () C:\Program Files\Sony
2015-03-03 18:20 - 2015-03-03 18:20 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony Creative Software Inc
2015-03-03 17:51 - 2015-03-03 17:51 - 00001854 _____ () C:\Users\Martin\Desktop\Five Nights at Freddy's 3 v1.0.lnk
2015-03-03 14:54 - 2015-03-03 14:54 - 00000584 _____ () C:\Users\Martin\Documents\Default.sfvidcap
2015-03-02 23:10 - 2015-03-02 23:10 - 40232291 _____ () C:\Users\Martin\Downloads\Plants vs. Zombies.zip
2015-03-02 17:50 - 2015-03-03 18:55 - 00013748 _____ () C:\Windows\system32\--traceoff
2015-03-02 17:50 - 2015-03-02 17:50 - 00000000 _____ () C:\Windows\system32\--debugoff
2015-03-02 17:49 - 2015-03-02 17:49 - 00001006 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2015-03-02 15:00 - 2015-03-02 15:04 - 00000000 ____D () C:\Users\Martin\Downloads\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]
2015-03-02 15:00 - 2015-03-02 15:00 - 00015175 _____ () C:\Users\Martin\Downloads\[kickass.to]sony.vegas.pro.13.0.build.310.64.bit.patch.khg.chingliu.torrent
2015-02-23 19:39 - 2015-02-23 19:39 - 00000222 _____ () C:\Users\Martin\Desktop\The Old Tree.url
2015-02-22 13:15 - 2015-02-22 14:34 - 1048612899 _____ () C:\Users\Martin\Downloads\Mizerove 2 CZ.avi
2015-02-22 11:05 - 2015-02-22 12:57 - 1470992384 _____ () C:\Users\Martin\Downloads\Mizerové 1 CZ.avi
2015-02-19 16:55 - 2015-03-08 18:01 - 00000000 ____D () C:\Users\Martin\AppData\Local\pcsx2
2015-02-18 15:32 - 2015-02-18 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-17 21:45 - 2015-02-17 21:45 - 00597304 _____ () C:\Users\Martin\Downloads\flux-setup.exe
2015-02-17 21:45 - 2015-02-17 21:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-02-17 21:45 - 2015-02-17 21:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\FluxSoftware
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-19 18:50 - 2011-11-22 21:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-19 18:48 - 2012-09-22 07:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 18:18 - 2011-08-13 18:20 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 16:39 - 2011-08-12 07:09 - 01419171 _____ () C:\Windows\WindowsUpdate.log
2015-03-19 16:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 16:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 16:34 - 2011-09-16 19:06 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uTorrent
2015-03-19 16:31 - 2014-12-11 21:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2015-03-19 16:31 - 2014-04-20 14:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-19 16:30 - 2011-08-12 07:53 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-03-19 16:29 - 2013-10-04 18:48 - 00893052 _____ () C:\Windows\PFRO.log
2015-03-19 16:29 - 2013-10-04 18:48 - 00041146 _____ () C:\Windows\setupact.log
2015-03-19 16:29 - 2011-08-13 18:20 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-19 16:29 - 2011-07-27 07:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-19 16:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-19 16:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-03-18 20:04 - 2011-12-06 16:10 - 00000000 ____D () C:\Program Files (x86)\Webteh
2015-03-18 20:03 - 2011-12-06 16:10 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BSplayer
2015-03-18 19:18 - 2011-08-12 07:09 - 00000000 ____D () C:\Users\Martin
2015-03-18 18:15 - 2011-09-18 08:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-18 16:45 - 2012-01-21 09:03 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps
2015-03-15 17:11 - 2012-12-29 14:19 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-14 14:58 - 2013-10-09 16:35 - 00660564 _____ () C:\Windows\DirectX.log
2015-03-14 14:40 - 2011-07-27 07:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-12 10:20 - 2014-04-20 14:37 - 00002191 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-11 15:28 - 2009-07-14 05:45 - 04929320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-10 22:10 - 2011-08-28 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-03-10 18:04 - 2011-08-12 07:29 - 00093888 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-10 17:17 - 2012-11-11 18:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-10 17:15 - 2012-11-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-10 16:30 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-10 16:02 - 2011-09-23 17:44 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-10 15:43 - 2012-09-30 14:35 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-03-09 19:50 - 2013-05-08 19:42 - 00000000 ____D () C:\Users\Martin\Documents\WB Games
2015-03-09 17:40 - 2013-04-15 14:28 - 00000000 ____D () C:\Users\Martin\Documents\Aspyr
2015-03-08 14:01 - 2011-08-28 19:06 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony
2015-03-08 10:53 - 2012-12-09 10:37 - 00000000 ____D () C:\Users\Martin\Documents\Max Payne 2 Savegames
2015-03-07 16:29 - 2014-06-08 08:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\SniperV2
2015-03-07 09:25 - 2011-08-12 17:39 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-03-06 15:18 - 2013-05-11 20:14 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-05 21:03 - 2014-10-07 18:40 - 00000000 ____D () C:\Users\Martin\Filmy
2015-03-03 19:24 - 2011-08-28 20:00 - 00000000 ____D () C:\ProgramData\Sony
2015-03-03 17:52 - 2014-12-09 22:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\MMFApplications
2015-03-03 17:51 - 2011-10-09 12:31 - 00000000 ____D () C:\Games
2015-03-02 19:33 - 2015-01-12 21:57 - 00042880 _____ () C:\Users\Martin\Downloads\Bomb Ground Explosion Effect green screen with sound.mp4.sfk
2015-03-02 19:33 - 2015-01-12 19:08 - 00009792 _____ () C:\Users\Martin\Downloads\Eddy Wally - 'Wow' (For use in montage parodies, etc.).mp4.sfk
2015-03-02 19:33 - 2015-01-12 19:08 - 00009792 _____ () C:\Users\Martin\Downloads\Eddy Wally - 'Wow' (For use in montage parodies, etc.) (1).mp4.sfk
2015-03-01 13:42 - 2012-03-26 16:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DarknessII
2015-03-01 08:04 - 2011-08-12 07:56 - 00000368 _____ () C:\Windows\lgfwup.ini
2015-03-01 08:04 - 2011-08-12 07:55 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-02-23 20:11 - 2011-08-12 09:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-02-18 15:32 - 2014-12-12 18:26 - 00000934 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-02-18 15:32 - 2014-12-11 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
==================== Files in the root of some directories =======
2011-08-22 15:32 - 2011-08-23 18:44 - 0000042 _____ () C:\Program Files (x86)\4StoryEGLogin.txt
2004-02-05 00:04 - 2004-02-05 00:04 - 1062333 _____ (Indigo Rose Corporation http://www.indigorose.com) C:\Program Files (x86)\GTA Mod Installer.exe
2008-06-17 03:32 - 2008-06-17 03:32 - 0000349 _____ () C:\Program Files (x86)\license.txt
2008-06-19 21:34 - 2008-06-19 21:34 - 0002969 _____ () C:\Program Files (x86)\readme.txt
2008-06-20 03:42 - 2008-06-20 03:42 - 0046387 _____ () C:\Program Files (x86)\source.txt
2011-08-12 09:38 - 2015-02-07 22:50 - 0000167 _____ () C:\Users\Martin\AppData\Roaming\default.rss
2012-01-05 19:41 - 2012-01-05 19:41 - 0003584 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-25 11:54 - 2014-05-25 11:55 - 1065984 _____ () C:\Users\Martin\AppData\Local\file__0.localstorage
2011-09-04 09:56 - 2011-09-04 09:56 - 0000094 _____ () C:\Users\Martin\AppData\Local\fusioncache.dat
2015-03-19 18:50 - 2015-03-19 18:51 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-07-27 16:16 - 2014-07-29 14:40 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2012-09-29 10:30 - 2013-04-08 15:51 - 1426411 ____N () C:\Users\Martin\AppData\Local\Tempmusic.ogg
ZeroAccess:
C:\Windows\Installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-17 19:45
==================== End Of Log ============================
Ran by Martin (administrator) on MARTIN-PC on 19-03-2015 18:53:02
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Flux Software LLC) C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Conduit Ltd.) C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(IObit) C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2014-02-26] (VIA)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2014-02-26] (VIA)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-11-05] (Bitleader)
HKLM-x32\...\Run: [ConduitHelper] => C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [274216 2011-08-31] (Conduit Ltd.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Smart File Advisor] => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-05] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [4474832 2012-12-25] (IObit)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [PSwitch] => C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (the data entry has 65 more characters).
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {02aaf08a-8be5-11e2-9fa7-f46d04612e12} - J:\Autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {1fc6396c-e415-11e2-99bf-005056c00008} - I:\Autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {5f77917d-c4a8-11e0-be94-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1009] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1009] => http=127.0.0.1:8555;https=127.0.0.1:8555
ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1010] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1010] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKU\S-1-5-21-59572626-2808751585-3448677005-1009\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ
HKU\S-1-5-21-59572626-2808751585-3448677005-1010\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ
URLSearchHook: HKLM-x32 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1002 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ff098d03b9
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0 ... 2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... erms}&i=26
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04612E12}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ff098d03b9
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.as ... 2661074931
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0 ... 2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... earchTerms}
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... erms}&i=26
SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 6D04612E12}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-05] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-05] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-22] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-22] (Pando Networks)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2012-10-15] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-59572626-2808751585-3448677005-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-14] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-20]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR DefaultSearchKeyword: Default -> mystart.incredibar.com/
CHR DefaultSearchURL: Default -> http://mystart.incredibar.com/?a=6R8U4N ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-18]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-18]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-30]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20]
CHR Extension: (Google Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-05] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-10] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2123584 2011-11-30] (TuneUp Software)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-05] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-04] (Disc Soft Ltd)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33224 2012-07-05] (IObit.com)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-05-19] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-08-12] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-12-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-24] (TuneUp Software)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
S3 DIRECTIO; \??\C:\Program Files (x86)\BurnInTest\DirectIo.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-19 18:53 - 2015-03-19 18:53 - 00031871 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-03-19 18:51 - 2015-03-19 18:51 - 00015327 _____ () C:\Users\Martin\Desktop\LM.bat
2015-03-19 18:50 - 2015-03-19 18:53 - 00000000 ____D () C:\FRST
2015-03-19 18:50 - 2015-03-19 18:51 - 00029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2015-03-19 18:49 - 2015-03-19 18:49 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2015-03-19 17:40 - 2015-03-19 17:40 - 02095616 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-03-19 16:04 - 2015-03-19 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-19 16:03 - 2015-03-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-19 16:03 - 2015-03-19 16:03 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 16:01 - 2015-03-19 16:26 - 00000000 ____D () C:\Users\Martin\Desktop\mbar
2015-03-19 16:01 - 2015-03-19 16:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 15:59 - 2015-03-19 15:59 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Martin\Desktop\mbar-1.09.1.1004.exe
2015-03-18 19:26 - 2015-03-18 18:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-18 18:29 - 2015-03-18 19:30 - 00022220 _____ () C:\zoek-results.log
2015-03-18 18:24 - 2015-03-18 19:21 - 00000000 ____D () C:\zoek_backup
2015-03-18 18:03 - 2015-03-18 18:15 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:02 - 2015-03-18 18:02 - 01305600 _____ () C:\Users\Martin\Desktop\zoek.exe
2015-03-18 17:59 - 2015-03-18 18:00 - 02171392 _____ () C:\Users\Martin\Downloads\adwcleaner_4.112.exe
2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\rsit
2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 17:13 - 2015-03-18 17:13 - 01222144 _____ () C:\Users\Martin\Downloads\RSITx64.exe
2015-03-15 18:51 - 2015-03-15 18:51 - 00000000 ____D () C:\Users\Martin\Downloads\Assassins-Creed-2-Čeština
2015-03-15 17:11 - 2015-03-15 17:11 - 00000219 _____ () C:\Users\Martin\Desktop\Portal 2.url
2015-03-14 15:04 - 2015-03-14 15:20 - 145287256 _____ () C:\Users\Martin\Downloads\Assassins-Creed-2-Čeština.rar
2015-03-12 20:49 - 2015-03-12 20:49 - 00001088 _____ () C:\Users\Martin\Desktop\ACC – zástupce.lnk
2015-03-10 16:45 - 2015-03-10 16:45 - 00000000 ____D () C:\Users\Martin\Documents\Assassin's Creed Rogue
2015-03-10 16:45 - 2015-03-10 16:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uplay
2015-03-10 14:34 - 2015-03-10 14:34 - 00039752 _____ () C:\Users\Martin\Downloads\Assassins.Creed.Rogue.CODEX.torrent
2015-03-09 19:46 - 2015-03-09 19:46 - 00002294 _____ () C:\Users\Public\Desktop\Shadow Of Mordor.lnk
2015-03-09 19:46 - 2015-03-09 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Of Mordor
2015-03-09 17:44 - 2015-03-09 17:44 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2015-03-08 14:27 - 2015-03-08 14:33 - 82543939 _____ () C:\Users\Martin\Documents\First MLG save 2nd.mp4
2015-03-08 08:01 - 2015-03-08 08:02 - 39739064 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\Windows-KB890830-x64-V5.21.exe
2015-03-07 22:02 - 2015-03-07 22:02 - 00000000 _____ () C:\autoexec.bat
2015-03-07 22:00 - 2015-03-07 22:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-03-07 21:59 - 2015-03-07 21:59 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Martin\Downloads\SpyHunter-Installer.exe
2015-03-07 12:18 - 2015-03-07 12:18 - 04046005 _____ () C:\Users\Martin\Downloads\Mafia-2-Volná-jízda-V3-mod-100%-funkční-(HOLMESOV-GAME).rar
2015-03-07 12:18 - 2015-03-07 12:18 - 00000000 ____D () C:\Users\Martin\Downloads\Mafia-2-Volná-jízda-V3-mod-100%-funkční-(HOLMESOV-GAME)
2015-03-03 18:43 - 2015-03-03 18:53 - 00000000 ____D () C:\Program Files\Sony
2015-03-03 18:20 - 2015-03-03 18:20 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony Creative Software Inc
2015-03-03 17:51 - 2015-03-03 17:51 - 00001854 _____ () C:\Users\Martin\Desktop\Five Nights at Freddy's 3 v1.0.lnk
2015-03-03 14:54 - 2015-03-03 14:54 - 00000584 _____ () C:\Users\Martin\Documents\Default.sfvidcap
2015-03-02 23:10 - 2015-03-02 23:10 - 40232291 _____ () C:\Users\Martin\Downloads\Plants vs. Zombies.zip
2015-03-02 17:50 - 2015-03-03 18:55 - 00013748 _____ () C:\Windows\system32\--traceoff
2015-03-02 17:50 - 2015-03-02 17:50 - 00000000 _____ () C:\Windows\system32\--debugoff
2015-03-02 17:49 - 2015-03-02 17:49 - 00001006 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2015-03-02 15:00 - 2015-03-02 15:04 - 00000000 ____D () C:\Users\Martin\Downloads\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]
2015-03-02 15:00 - 2015-03-02 15:00 - 00015175 _____ () C:\Users\Martin\Downloads\[kickass.to]sony.vegas.pro.13.0.build.310.64.bit.patch.khg.chingliu.torrent
2015-02-23 19:39 - 2015-02-23 19:39 - 00000222 _____ () C:\Users\Martin\Desktop\The Old Tree.url
2015-02-22 13:15 - 2015-02-22 14:34 - 1048612899 _____ () C:\Users\Martin\Downloads\Mizerove 2 CZ.avi
2015-02-22 11:05 - 2015-02-22 12:57 - 1470992384 _____ () C:\Users\Martin\Downloads\Mizerové 1 CZ.avi
2015-02-19 16:55 - 2015-03-08 18:01 - 00000000 ____D () C:\Users\Martin\AppData\Local\pcsx2
2015-02-18 15:32 - 2015-02-18 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-17 21:45 - 2015-02-17 21:45 - 00597304 _____ () C:\Users\Martin\Downloads\flux-setup.exe
2015-02-17 21:45 - 2015-02-17 21:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-02-17 21:45 - 2015-02-17 21:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\FluxSoftware
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-19 18:50 - 2011-11-22 21:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-19 18:48 - 2012-09-22 07:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 18:18 - 2011-08-13 18:20 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 16:39 - 2011-08-12 07:09 - 01419171 _____ () C:\Windows\WindowsUpdate.log
2015-03-19 16:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 16:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 16:34 - 2011-09-16 19:06 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uTorrent
2015-03-19 16:31 - 2014-12-11 21:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn Hamachi
2015-03-19 16:31 - 2014-04-20 14:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-19 16:30 - 2011-08-12 07:53 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-03-19 16:29 - 2013-10-04 18:48 - 00893052 _____ () C:\Windows\PFRO.log
2015-03-19 16:29 - 2013-10-04 18:48 - 00041146 _____ () C:\Windows\setupact.log
2015-03-19 16:29 - 2011-08-13 18:20 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-19 16:29 - 2011-07-27 07:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-19 16:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-19 16:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-03-18 20:04 - 2011-12-06 16:10 - 00000000 ____D () C:\Program Files (x86)\Webteh
2015-03-18 20:03 - 2011-12-06 16:10 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BSplayer
2015-03-18 19:18 - 2011-08-12 07:09 - 00000000 ____D () C:\Users\Martin
2015-03-18 18:15 - 2011-09-18 08:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-18 16:45 - 2012-01-21 09:03 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps
2015-03-15 17:11 - 2012-12-29 14:19 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-14 14:58 - 2013-10-09 16:35 - 00660564 _____ () C:\Windows\DirectX.log
2015-03-14 14:40 - 2011-07-27 07:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-12 10:20 - 2014-04-20 14:37 - 00002191 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-11 15:28 - 2009-07-14 05:45 - 04929320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-10 22:10 - 2011-08-28 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-03-10 18:04 - 2011-08-12 07:29 - 00093888 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-10 17:17 - 2012-11-11 18:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-10 17:15 - 2012-11-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-10 16:30 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-10 16:02 - 2011-09-23 17:44 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-10 15:43 - 2012-09-30 14:35 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-03-09 19:50 - 2013-05-08 19:42 - 00000000 ____D () C:\Users\Martin\Documents\WB Games
2015-03-09 17:40 - 2013-04-15 14:28 - 00000000 ____D () C:\Users\Martin\Documents\Aspyr
2015-03-08 14:01 - 2011-08-28 19:06 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony
2015-03-08 10:53 - 2012-12-09 10:37 - 00000000 ____D () C:\Users\Martin\Documents\Max Payne 2 Savegames
2015-03-07 16:29 - 2014-06-08 08:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\SniperV2
2015-03-07 09:25 - 2011-08-12 17:39 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-03-06 15:18 - 2013-05-11 20:14 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-05 21:03 - 2014-10-07 18:40 - 00000000 ____D () C:\Users\Martin\Filmy
2015-03-03 19:24 - 2011-08-28 20:00 - 00000000 ____D () C:\ProgramData\Sony
2015-03-03 17:52 - 2014-12-09 22:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\MMFApplications
2015-03-03 17:51 - 2011-10-09 12:31 - 00000000 ____D () C:\Games
2015-03-02 19:33 - 2015-01-12 21:57 - 00042880 _____ () C:\Users\Martin\Downloads\Bomb Ground Explosion Effect green screen with sound.mp4.sfk
2015-03-02 19:33 - 2015-01-12 19:08 - 00009792 _____ () C:\Users\Martin\Downloads\Eddy Wally - 'Wow' (For use in montage parodies, etc.).mp4.sfk
2015-03-02 19:33 - 2015-01-12 19:08 - 00009792 _____ () C:\Users\Martin\Downloads\Eddy Wally - 'Wow' (For use in montage parodies, etc.) (1).mp4.sfk
2015-03-01 13:42 - 2012-03-26 16:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DarknessII
2015-03-01 08:04 - 2011-08-12 07:56 - 00000368 _____ () C:\Windows\lgfwup.ini
2015-03-01 08:04 - 2011-08-12 07:55 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-02-23 20:11 - 2011-08-12 09:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-02-18 15:32 - 2014-12-12 18:26 - 00000934 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-02-18 15:32 - 2014-12-11 21:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
==================== Files in the root of some directories =======
2011-08-22 15:32 - 2011-08-23 18:44 - 0000042 _____ () C:\Program Files (x86)\4StoryEGLogin.txt
2004-02-05 00:04 - 2004-02-05 00:04 - 1062333 _____ (Indigo Rose Corporation http://www.indigorose.com) C:\Program Files (x86)\GTA Mod Installer.exe
2008-06-17 03:32 - 2008-06-17 03:32 - 0000349 _____ () C:\Program Files (x86)\license.txt
2008-06-19 21:34 - 2008-06-19 21:34 - 0002969 _____ () C:\Program Files (x86)\readme.txt
2008-06-20 03:42 - 2008-06-20 03:42 - 0046387 _____ () C:\Program Files (x86)\source.txt
2011-08-12 09:38 - 2015-02-07 22:50 - 0000167 _____ () C:\Users\Martin\AppData\Roaming\default.rss
2012-01-05 19:41 - 2012-01-05 19:41 - 0003584 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-25 11:54 - 2014-05-25 11:55 - 1065984 _____ () C:\Users\Martin\AppData\Local\file__0.localstorage
2011-09-04 09:56 - 2011-09-04 09:56 - 0000094 _____ () C:\Users\Martin\AppData\Local\fusioncache.dat
2015-03-19 18:50 - 2015-03-19 18:51 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-07-27 16:16 - 2014-07-29 14:40 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2012-09-29 10:30 - 2013-04-08 15:51 - 1426411 ____N () C:\Users\Martin\AppData\Local\Tempmusic.ogg
ZeroAccess:
C:\Windows\Installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c}
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-17 19:45
==================== End Of Log ============================
Naposledy upravil(a) Kecar22 dne 19 bře 2015 21:12, celkem upraveno 1 x.
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Log neni cely, spustte prosim FRST a kliknete na Scan a pockejte na dokonceni Scanu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Předchozí příspěvek o logu z FRST byl upraven. Prosím o zpětnou kontrolu.
Re: Kontrola logu a podezření z dnkt.exe a jeho odstranění.
Tohle pouzivate Proxy Switcher Standard? Pokud ne, tak odinstalovat Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: RemoveProxy: HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation) HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.) HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] () HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-11-05] (Bitleader) HKLM-x32\...\Run: [ConduitHelper] => C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [274216 2011-08-31] (Conduit Ltd.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [4474832 2012-12-25] (IObit) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [PSwitch] => C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (the data entry has 65 more characters). HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.) HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {02aaf08a-8be5-11e2-9fa7-f46d04612e12} - J:\Autorun.exe HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {1fc6396c-e415-11e2-99bf-005056c00008} - I:\Autorun.exe HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\MountPoints2: {5f77917d-c4a8-11e0-be94-806e6f6e6963} - D:\autorun.exe HKU\S-1-5-21-59572626-2808751585-3448677005-1002\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1009] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1009] => http=127.0.0.1:8555;https=127.0.0.1:8555 ProxyEnable: [S-1-5-21-59572626-2808751585-3448677005-1010] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-59572626-2808751585-3448677005-1010] => http=127.0.0.1:8555;https=127.0.0.1:8555 HKU\S-1-5-21-59572626-2808751585-3448677005-1009\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ HKU\S-1-5-21-59572626-2808751585-3448677005-1010\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-result.info/?pid=72 ... g=EN&cc=CZ URLSearchHook: HKLM-x32 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File URLSearchHook: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 - (No Name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - No File SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1002 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN30731572661074931 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=116775&tt=4512_6&babsrc=SP_ss&mntrId=084b861e00000000000000ff098d03b9 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... =382950&p={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN30731572661074931 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0D2BF-257F-40F3-912E-B008F251BF71}&mid=9c27b09014a647d190de25244285c7e1-423dcbea8400b44eebb74e721962d5adc9c7fa27&lang=en&ds=tt014&pr=sa&d=2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... ickfigure/{516A6750-73A1-41F4-8AD6-0191510323C8}?q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... kw&search={searchTerms}&i=26 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&st=2&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> DefaultScope {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN30731572661074931 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=116775&tt=4512_6&babsrc=SP_ss&mntrId=084b861e00000000000000ff098d03b9 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {54EDFBA8-A017-46C2-B716-8C1A9E098BCA} URL = http://search.yahoo.com/search?fr=chr-g ... =382950&p={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {641375CA-C066-44B0-8167-91F2AFBCC613} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN30731572661074931 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C5C0D2BF-257F-40F3-912E-B008F251BF71}&mid=9c27b09014a647d190de25244285c7e1-423dcbea8400b44eebb74e721962d5adc9c7fa27&lang=en&ds=tt014&pr=sa&d=2011-12-09 20:24:39&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browse ... ickfigure/{516A6750-73A1-41F4-8AD6-0191510323C8}?q={searchTerms} SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-result.info/?l=1&q={searchTerms}&pid=721&r=2013/06/05&hid=3165131967&lg=EN&cc=CZ SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R8U4N ... kw&search={searchTerms}&i=26 SearchScopes: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&st=2&q={searchTerms}&barid={C58F15B7-DBA1-11E0-8BB7-F46D04612E12} BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06] (Microsoft Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1009 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File Toolbar: HKU\S-1-5-21-59572626-2808751585-3448677005-1010 -> No Name - {88AC3CB6-596B-4217-964C-B6757EF9602D} - No File insock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" CHR DefaultSearchKeyword: Default -> mystart.incredibar.com/ CHR DefaultSearchURL: Default -> http://mystart.incredibar.com/?a=6R8U4N ... kw&search={searchTerms} CHR DefaultSuggestURL: Default -> CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com) S3 DIRECTIO; \??\C:\Program Files (x86)\BurnInTest\DirectIo.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S0 vmci; system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] C:\Program Files (x86)\IObit C:\Program Files\McAfee Security Scan 2015-03-19 18:53 - 2015-03-19 18:53 - 00031871 _____ () C:\Users\Martin\Desktop\FRST.txt 2015-03-19 18:51 - 2015-03-19 18:51 - 00015327 _____ () C:\Users\Martin\Desktop\LM.bat 2015-03-19 18:50 - 2015-03-19 18:51 - 00029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE 2015-03-19 18:49 - 2015-03-19 18:49 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe 2015-03-19 16:01 - 2015-03-19 16:26 - 00000000 ____D () C:\Users\Martin\Desktop\mbar 2015-03-19 16:01 - 2015-03-19 16:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-19 15:59 - 2015-03-19 15:59 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Martin\Desktop\mbar-1.09.1.1004.exe 2015-03-18 19:26 - 2015-03-18 18:24 - 00024064 _____ () C:\Windows\zoek-delete.exe 2015-03-18 18:29 - 2015-03-18 19:30 - 00022220 _____ () C:\zoek-results.log 2015-03-18 18:24 - 2015-03-18 19:21 - 00000000 ____D () C:\zoek_backup 2015-03-18 18:03 - 2015-03-18 18:15 - 00000000 ____D () C:\AdwCleaner 2015-03-18 18:02 - 2015-03-18 18:02 - 01305600 _____ () C:\Users\Martin\Desktop\zoek.exe 2015-03-18 17:59 - 2015-03-18 18:00 - 02171392 _____ () C:\Users\Martin\Downloads\adwcleaner_4.112.exe 2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\rsit 2015-03-18 17:17 - 2015-03-18 17:18 - 00000000 ____D () C:\Program Files\trend micro 2015-03-18 17:13 - 2015-03-18 17:13 - 01222144 _____ () C:\Users\Martin\Downloads\RSITx64.exe 2015-03-07 21:59 - 2015-03-07 21:59 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Martin\Downloads\SpyHunter-Installer.exe C:\Windows\Installer\{085c8539-fde1-32e1-be0b-41bc372b1e8c} Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?