Děkuji za kontrolu...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub at 2015-04-01 18:39:32
Microsoft Windows 8 Pro
System drive C: has 267 GB (57%) free of 464 GB
Total RAM: 3938 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:39:54, on 1. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17267)
Boot mode: Normal
Running processes:
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jakub.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [qhzrqdoikr] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs"
O4 - HKCU\..\Run: [wradwykpko] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs"
O4 - HKCU\..\Run: [dnhsinhakf] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [qhzrqdoikr] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [wradwykpko] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [dnhsinhakf] wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" (User '?')
O4 - HKUS\S-1-5-21-1582357562-1760955146-2745679186-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [uTorrent] "C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User '?')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\suppor~1\suppor~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LnvMHService (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: Location Task Manager (LocationTaskManager) - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 17148 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe"
C:\windows\system32\ibmpmsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-520d97e0-77f0-4442-b5ff-561b6661ee1f -SystemEventPortName:HostProcess-2546bd84-9c88-4182-a042-e638f00d8a64 -IoCancelEventPortName:HostProcess-47a21841-0bf0-4b60-b371-6ebfe7b20570 -NonStateChangingEventPortName:HostProcess-1c396f8b-cf83-4d35-9461-72018114274b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0a53fcbc-e737-44bc-917a-07a21eeb6c44 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-376584c7-6965-43e1-9520-46f0b2f17f72 -SystemEventPortName:HostProcess-79574cbd-118f-47a8-8b85-f85791e4c46b -IoCancelEventPortName:HostProcess-d2499865-cfea-4f07-a594-ebab0fc2aa84 -NonStateChangingEventPortName:HostProcess-033a01d4-d9eb-4021-9567-45988a64bb3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b666a993-af7a-4b43-854a-84cd82106da8 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0091ebf1-f88f-478e-97ee-2d0f7fa143bb -SystemEventPortName:HostProcess-8f388063-ea44-434b-80be-190b8ee5d31c -IoCancelEventPortName:HostProcess-4643dee5-1429-4781-99b3-0c7c8780c7d5 -NonStateChangingEventPortName:HostProcess-f2530cb6-f9e9-47b2-b507-0fc4acbadae6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4cc63a8d-d4ca-45b3-a0a1-acd1a630258b -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3fae9092-a7d2-4f1f-85cd-4ec1dde86c16 -SystemEventPortName:HostProcess-e839c65e-bc56-423c-99e4-c7d3098bfa52 -IoCancelEventPortName:HostProcess-ce20328e-6dbe-4841-b8d9-ec93132ed9f4 -NonStateChangingEventPortName:HostProcess-7da7e3b9-7a63-479e-87aa-b306e2f48a5b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3693d7e2-3062-4474-a7a2-a35f6ad68bbc -DeviceGroupId:
"dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b296fea2-e6fe-487c-aee8-823bf976b5d8 -SystemEventPortName:HostProcess-1f720d05-6ac4-4b02-9e8c-ab3fc88410dd -IoCancelEventPortName:HostProcess-4ae8fdd6-4cf7-4d75-b3e4-a56d072c4695 -NonStateChangingEventPortName:HostProcess-90604804-f24e-4271-9048-34fb9001c2ff -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3a077503-f095-47ad-80c9-533f3ed8ed41 -DeviceGroupId:
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 904288813904
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k WbioSvcGroup
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {c2f4a4af-5db2-424b-bf6fe12ebc3f9faa}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\Software Informer\softinfo.exe" -service
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\windows\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
taskeng.exe {22CFC6ED-79B6-4144-9C7F-31A9B04C091E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\AuthenTec\TrueService.exe"
/ChildServer
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
szndesktop.exe default start
"C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x1a0_0x1ac4_0x5fb73af0"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe"
"C:\windows\system32\RunDll32.exe" "C:\windows\system32\WerConCpl.dll", LaunchErcApp -queuereportingnopester
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\AUDIODG.EXE 0x780
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3824.0.1648802076\590655840" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3190 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --channel="3824.6.2132622433\665886363" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/SPDY/SpdyDisabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --extension-process --renderer-print-preview --enable-software-compositing --channel="3824.7.1602917484\921956270" /prefetch:673131151
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Andy\Downloads\RSITx64.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@authentec.com/ffwloplugin]
"Description"=
"Path"=C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\extensions\
jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\searchplugins\
google-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Browser Helper Object - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31 2517864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-31 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Browser Helper Object - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31 2352488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-31 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}C]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-15 887968]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"TpShocks"=C:\windows\system32\TpShocks.exe [2012-08-24 222720]
""= []
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2014-08-12 937968]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-08-05 87536]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-06-06 399856]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-06-06 442352]
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-20 255480]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-17 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2014-03-19 1523200]
"qhzrqdoikr"=wscript.exe //B C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs []
"wradwykpko"=wscript.exe //B C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs []
"dnhsinhakf"=wscript.exe //B C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs []
"uTorrent"=C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [2015-02-01 1374032]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-31 132920]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2012-08-10 64000]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-17 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-05-21 442880]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-01 18:39:37 ----D---- C:\Program Files\trend micro
2015-04-01 18:39:32 ----D---- C:\rsit
2015-04-01 18:24:49 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2015-04-01 17:57:54 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2015-04-01 17:57:54 ----A---- C:\windows\system32\Windows.Globalization.dll
2015-04-01 14:17:20 ----D---- C:\Program Files (x86)\Company
2015-03-25 22:28:29 ----D---- C:\Program Files (x86)\Overwolf
2015-03-25 22:23:14 ----D---- C:\Users\Andy\AppData\Roaming\TS3Client
2015-03-25 13:07:54 ----A---- C:\windows\system32\acmigration.dll
2015-03-25 13:07:53 ----A---- C:\windows\system32\appraiser.dll
2015-03-25 13:07:52 ----A---- C:\windows\system32\invagent.dll
2015-03-25 13:07:52 ----A---- C:\windows\system32\generaltel.dll
2015-03-25 13:07:52 ----A---- C:\windows\system32\devinv.dll
2015-03-25 13:07:52 ----A---- C:\windows\system32\aeinv.dll
2015-03-25 13:07:51 ----A---- C:\windows\system32\aepdu.dll
2015-03-25 13:07:44 ----A---- C:\windows\system32\AutoUpdate.exe
2015-03-25 13:07:43 ----A---- C:\windows\SYSWOW64\WSShared.dll
2015-03-25 13:07:43 ----A---- C:\windows\system32\NotificationUI.exe
2015-03-25 13:07:42 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-25 13:07:42 ----A---- C:\windows\system32\WSShared.dll
2015-03-25 13:07:42 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-16 23:20:03 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-03-16 23:20:02 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-03-16 22:40:42 ----A---- C:\windows\SYSWOW64\ubpm.dll
2015-03-16 22:40:42 ----A---- C:\windows\system32\ubpm.dll
2015-03-16 22:40:19 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-03-16 22:40:18 ----A---- C:\windows\system32\inetcomm.dll
2015-03-16 22:40:17 ----A---- C:\windows\system32\mshtml.dll
2015-03-16 22:40:12 ----A---- C:\windows\SYSWOW64\INETRES.dll
2015-03-16 22:40:12 ----A---- C:\windows\system32\INETRES.dll
2015-03-16 22:40:10 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-03-16 22:40:07 ----A---- C:\windows\system32\ieframe.dll
2015-03-16 22:40:05 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-03-16 22:40:04 ----A---- C:\windows\system32\wininet.dll
2015-03-16 22:40:04 ----A---- C:\windows\system32\iertutil.dll
2015-03-16 22:40:03 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-03-16 22:40:03 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-03-16 22:40:03 ----A---- C:\windows\system32\urlmon.dll
2015-03-16 22:40:02 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-03-16 22:40:02 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-03-16 22:40:02 ----A---- C:\windows\system32\vbscript.dll
2015-03-16 22:40:01 ----A---- C:\windows\system32\msfeeds.dll
2015-03-16 22:40:00 ----A---- C:\windows\system32\uxtheme.dll
2015-03-16 22:39:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-03-16 22:39:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-03-16 22:39:59 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2015-03-16 22:39:59 ----A---- C:\windows\system32\mshtmled.dll
2015-03-16 22:39:59 ----A---- C:\windows\system32\iesysprep.dll
2015-03-16 22:39:59 ----A---- C:\windows\system32\dxtrans.dll
2015-03-16 22:39:58 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-03-16 22:39:58 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-03-16 22:39:58 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-03-16 22:39:58 ----A---- C:\windows\system32\jscript9.dll
2015-03-16 22:39:58 ----A---- C:\windows\system32\jscript.dll
2015-03-16 22:39:58 ----A---- C:\windows\system32\iedkcs32.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\UXInit.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-03-16 22:39:57 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\UXInit.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\msrating.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\jsproxy.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\iesetup.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\iernonce.dll
2015-03-16 22:39:57 ----A---- C:\windows\system32\ie4uinit.exe
2015-03-16 22:39:57 ----A---- C:\windows\system32\dxtmsft.dll
2015-03-16 22:39:56 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2015-03-16 22:39:54 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2015-03-16 22:39:54 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-03-16 22:39:53 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2015-03-16 22:39:53 ----A---- C:\windows\system32\WMPhoto.dll
2015-03-16 22:39:48 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-03-16 22:39:48 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-03-16 22:39:48 ----A---- C:\windows\system32\atmlib.dll
2015-03-16 22:39:48 ----A---- C:\windows\system32\atmfd.dll
2015-03-16 22:39:47 ----A---- C:\windows\system32\msctf.dll
2015-03-16 22:39:46 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-03-16 22:39:42 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-03-16 22:39:41 ----A---- C:\windows\system32\shell32.dll
2015-03-16 22:39:13 ----A---- C:\windows\system32\rdpudd.dll
2015-03-16 22:39:06 ----A---- C:\windows\system32\ntoskrnl.exe
2015-03-16 22:38:57 ----A---- C:\windows\system32\win32k.sys
2015-03-16 22:38:50 ----A---- C:\windows\system32\schannel.dll
2015-03-16 22:38:50 ----A---- C:\windows\system32\SHCore.dll
2015-03-16 22:38:50 ----A---- C:\windows\system32\drivers\cng.sys
2015-03-16 22:38:49 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-03-16 22:38:49 ----A---- C:\windows\SYSWOW64\SHCore.dll
======List of files/folders modified in the last 1 month======
2015-04-01 18:39:37 ----D---- C:\Program Files
2015-04-01 18:37:59 ----D---- C:\windows\system32\Tasks
2015-04-01 18:33:24 ----D---- C:\windows\Temp
2015-04-01 18:32:40 ----D---- C:\Kuba-filmy
2015-04-01 18:29:36 ----D---- C:\windows\Prefetch
2015-04-01 18:29:16 ----D---- C:\Windows
2015-04-01 18:24:29 ----D---- C:\Users\Andy\AppData\Roaming\Seznam.cz
2015-04-01 18:23:00 ----D---- C:\Users\Andy\AppData\Roaming\uTorrent
2015-04-01 18:22:47 ----D---- C:\windows\SoftwareDistribution
2015-04-01 18:22:47 ----D---- C:\windows\Minidump
2015-04-01 18:22:47 ----D---- C:\windows\Inf
2015-04-01 18:22:47 ----D---- C:\windows\debug
2015-04-01 18:18:56 ----D---- C:\windows\system32\config
2015-04-01 18:18:52 ----D---- C:\windows\WinSxS
2015-04-01 18:18:42 ----D---- C:\windows\System32
2015-04-01 18:15:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-01 18:15:44 ----D---- C:\windows\SysWOW64
2015-04-01 18:15:41 ----D---- C:\Program Files\Internet Explorer
2015-04-01 18:15:36 ----D---- C:\windows\SYSWOW64\en-US
2015-04-01 18:15:36 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-04-01 18:15:36 ----D---- C:\windows\system32\en-US
2015-04-01 18:15:36 ----D---- C:\windows\system32\cs-CZ
2015-04-01 18:15:35 ----D---- C:\windows\system32\Drivers
2015-04-01 18:15:31 ----D---- C:\Program Files\Windows Defender
2015-04-01 18:15:30 ----D---- C:\Program Files (x86)\Windows Defender
2015-04-01 18:15:23 ----SD---- C:\windows\system32\CompatTel
2015-04-01 18:15:22 ----D---- C:\windows\system32\wbem
2015-04-01 18:15:22 ----D---- C:\windows\system32\appraiser
2015-04-01 18:15:21 ----D---- C:\windows\apppatch
2015-04-01 18:15:20 ----D---- C:\windows\WinStore
2015-04-01 18:15:19 ----RD---- C:\windows\ToastData
2015-04-01 18:15:15 ----D---- C:\windows\PolicyDefinitions
2015-04-01 18:09:26 ----D---- C:\windows\CbsTemp
2015-04-01 18:08:39 ----SHD---- C:\windows\Installer
2015-04-01 18:08:39 ----SHD---- C:\Config.Msi
2015-04-01 18:08:25 ----D---- C:\ProgramData\Microsoft Help
2015-04-01 18:05:09 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-04-01 18:05:07 ----A---- C:\windows\system32\usercpl.dll
2015-04-01 18:05:06 ----A---- C:\windows\system32\adtschema.dll
2015-04-01 18:05:02 ----A---- C:\windows\SYSWOW64\usercpl.dll
2015-04-01 18:02:09 ----D---- C:\windows\system32\sru
2015-04-01 17:57:27 ----RSD---- C:\windows\assembly
2015-04-01 17:56:23 ----D---- C:\windows\system32\MRT
2015-04-01 17:50:09 ----A---- C:\windows\system32\MRT.exe
2015-04-01 17:48:46 ----A---- C:\windows\win.ini
2015-04-01 17:32:22 ----D---- C:\windows\system32\NDF
2015-04-01 14:17:20 ----D---- C:\Program Files (x86)
2015-04-01 06:33:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-31 19:27:28 ----D---- C:\windows\system32\DriverStore
2015-03-31 19:25:47 ----D---- C:\Program Files (x86)\The Walking Dead Survival Instinct
2015-03-31 06:50:53 ----D---- C:\Users\Andy\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-03-31 06:50:10 ----D---- C:\ProgramData\Package Cache
2015-03-31 06:50:02 ----SHD---- C:\System Volume Information
2015-03-30 09:09:49 ----D---- C:\windows\Microsoft.NET
2015-03-26 16:27:21 ----D---- C:\Program Files (x86)\Common Files
2015-03-26 16:27:21 ----AD---- C:\ProgramData
2015-03-25 13:07:24 ----D---- C:\windows\system32\catroot2
2015-03-14 23:37:35 ----AD---- C:\ProgramData\Lenovo
2015-03-12 08:11:47 ----D---- C:\Users\Andy\AppData\Roaming\.minecraft
2015-03-11 17:32:07 ----D---- C:\windows\rescache
2015-03-11 16:51:40 ----A---- C:\windows\clofghls.dll
2015-03-09 11:48:32 ----D---- C:\Pavla Vojta Filmy
2015-03-04 23:24:17 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-03-04 20:52:13 ----D---- C:\The KMPlayer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-12-31 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-12-31 267632]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2013-01-10 647736]
R0 Shockprf;Shockprf; C:\windows\System32\DRIVERS\Apsx64.sys [2012-07-24 148328]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2014-01-28 386680]
R0 TPDIGIMN;TPDIGIMN; C:\windows\System32\DRIVERS\ApsHM64.sys [2012-08-13 25448]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-12-31 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-12-31 1050432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-12-31 436624]
R1 TPPWRIF;TPPWRIF; C:\windows\System32\drivers\Tppwr64v.sys [2014-09-05 20736]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-12-31 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-12-31 83280]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-12-31 116728]
R3 AMPPAL;@oem33.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\windows\System32\drivers\AMPPAL.sys [2013-05-21 165344]
R3 CnxtHdAudService;@oem32.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2012-09-21 1609376]
R3 IBMPMDRV;IBMPMDRV; C:\windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-05-21 5359168]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem27.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2012-08-10 25568]
R3 LnvHIDHW;@oem127.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\windows\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2015-04-01 129752]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2013-05-14 64624]
R3 NETwNe64;@oem31.inf,%NIC_Service_DispName_WIN8_64%;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-10-09 3345376]
R3 RCUVCAVS;@oem8.inf,%RCUVCAVS.ServiceName%;Ricoh UVC AVStream driver; C:\windows\system32\DRIVERS\RCUVCAVS.sys [2012-10-22 149632]
R3 RSP2STOR;@oem6.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2012-12-13 288480]
R3 RTL8168;@oem35.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-12-28 760032]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-04-26 33008]
R3 SynTP;@oem30.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
S3 AMPPALP;@oem34.inf,%AMPPALP_Desc%;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2013-05-21 165344]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 btmaux;@oem14.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2012-08-27 121728]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-10-15 1390904]
S3 BTWDPAN;@oem99.inf,%BTWDPAN.DisplayName%;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2010-11-15 84008]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 HTCAND64;@oem92.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
S3 htcnprot;@oem95.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2013-10-15 69088]
S3 intaud_WaveExtensible;@oem26.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2012-08-10 35296]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 nmwcd;@oem106.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;@oem110.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pneteth;@oem97.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
S3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys []
S3 SWIX64;SWIX64; \??\C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [2012-09-12 33856]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usb3Hub;@oem28.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\windows\System32\drivers\usb3Hub.sys [2012-08-10 48096]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-02 43008]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-09-13 731688]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-31 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-15 135984]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2012-06-09 201376]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-09-24 617776]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
R2 FPLService;TrueSuiteService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2012-08-31 2139496]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-15 2468496]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-05 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-05 166720]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-09-16 2014664]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2012-08-16 559504]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-08-05 525296]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-08-05 535024]
R2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-05 727536]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LnvHotSpotSvc;LnvMHService; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2014-08-12 474608]
R2 LocationTaskManager;Location Task Manager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2014-06-10 470000]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-09-24 149296]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 TrueService;TrueAPI Service component; C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-07-16 401256]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-07 116648]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-31 364856]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-11-11 685568]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-08-05 599024]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-06-06 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-07 116648]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-09-24 272176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\windows\System32\TPHDEXLG64.exe [2012-08-13 46984]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka prosím
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka prosím
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 2. 4. 2015
Čas skenování: 9:36:19
Protokol: log.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.04.02.02
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Jakub
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 631096
Uplynulý čas: 2 hod, 15 min, 46 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 5
PUP.Optional.SensePlus.A, HKLM\SOFTWARE\WOW6432NODE\SensePlus-nv, Do karantény, [83475116c5c58aacb5d23c81ba49966a],
PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv, Do karantény, [63674720ed9d61d5b15a6063dd2654ac],
PUP.Optional.SensePlus.A, HKU\S-1-5-18\SOFTWARE\SensePlus-nv, Do karantény, [bd0d11564446bc7a078117a61ae9f907],
PUP.Optional.SensePlus.A, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\SensePlus-nv, Do karantény, [48826cfb4b3fc472c5c311acce351ee2],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, Do karantény, [dfeb5413dcaec5718dd44571e221aa56],
Hodnoty registru: 2
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Do karantény, [99310d5ad7b338feeddb5c59b053e11f]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, Do karantény, [dfeb5413dcaec5718dd44571e221aa56]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
Soubory: 3
VirTool.Obfuscator, C:\Program Files (x86)\Warner Bros. Interactive Entertainment\LEGO® The Lord of the Ringsâ?c\rld.dll, Do karantény, [14b691d6187287af300e5e1add2427d9],
BitcoinMiner, C:\Windows\Inf\msqehluyx\msqehluyx.exe, Do karantény, [4d7d184f0486c076641049e123de46ba],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 2. 4. 2015
Čas skenování: 9:36:19
Protokol: log.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.04.02.02
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Jakub
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 631096
Uplynulý čas: 2 hod, 15 min, 46 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 5
PUP.Optional.SensePlus.A, HKLM\SOFTWARE\WOW6432NODE\SensePlus-nv, Do karantény, [83475116c5c58aacb5d23c81ba49966a],
PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv, Do karantény, [63674720ed9d61d5b15a6063dd2654ac],
PUP.Optional.SensePlus.A, HKU\S-1-5-18\SOFTWARE\SensePlus-nv, Do karantény, [bd0d11564446bc7a078117a61ae9f907],
PUP.Optional.SensePlus.A, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\SensePlus-nv, Do karantény, [48826cfb4b3fc472c5c311acce351ee2],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, Do karantény, [dfeb5413dcaec5718dd44571e221aa56],
Hodnoty registru: 2
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Do karantény, [99310d5ad7b338feeddb5c59b053e11f]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, Do karantény, [dfeb5413dcaec5718dd44571e221aa56]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
Soubory: 3
VirTool.Obfuscator, C:\Program Files (x86)\Warner Bros. Interactive Entertainment\LEGO® The Lord of the Ringsâ?c\rld.dll, Do karantény, [14b691d6187287af300e5e1add2427d9],
BitcoinMiner, C:\Windows\Inf\msqehluyx\msqehluyx.exe, Do karantény, [4d7d184f0486c076641049e123de46ba],
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, Do karantény, [37935b0c1377a29463a1e1d4e81b956b],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Preventivka prosím
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
# AdwCleaner v4.200 - Log vytvooen 02/04/2015 v 15:12:23
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 8 Pro (x64)a
# Uživatelské jméno : Jakub - KUBA
# Spuštino z : C:\Users\Andy\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
[#] Služba Smazáno : SPBIUpdd
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\15412fa6ce15dc71
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Mobogenie
Složka Smazáno : C:\Program Files (x86)\Registry Dr
Složka Smazáno : C:\Program Files (x86)\SmartTweak
Složka Smazáno : C:\Program Files (x86)\supporter
Složka Smazáno : C:\Program Files (x86)\Optimizer Pro 3.26
Složka Smazáno : C:\Program Files (x86)\DriverToolkit
Složka Smazáno : C:\windows\SysWOW64\SearchProtect
Složka Smazáno : C:\Program Files\PCDApp
Složka Smazáno : C:\Users\Andy\Ap
Složka Smazáno : C:\Users\Andy\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Andy\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Andy\AppData\Local\Mobogenie
Složka Smazáno : C:\Users\Andy\AppData\Local\RegistryDr
Složka Smazáno : C:\Users\Andy\AppData\Local\torch
Složka Smazáno : C:\Users\Andy\AppData\Local\DriverToolkit
Složka Smazáno : C:\Users\Andy\AppData\Roaming\DownloadManager
Složka Smazáno : C:\Users\Andy\AppData\Roaming\dll-files.com
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\Andy\Documents\Mobogenie
Složka Smazáno : C:\Users\Andy\Documents\Optimizer Pro
Složka Smazáno : C:\Users\Andy\Documents\RegistryDr
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Složka Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Soubor Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Soubor Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
Soubor Smazáno : C:\Users\Andy\daemonprocess.txt
***** [ Naplánované úlohy ] *****
Úloha Smazáno : LaunchSignup
Úloha Smazáno : Price-Horse
Úloha Smazáno : Price-Horse Updater
Úloha Smazáno : RegistryDr_Start
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Klíe Smazáno : HKCU\Software\6028eace21edca779c427d29f5646e96
Klíe Smazáno : HKLM\SOFTWARE\9c8e0af0-f397-4a04-8005-68567ec3eb46
Klíe Smazáno : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíe Smazáno : HKCU\Software\GlobalUpdate
Klíe Smazáno : HKCU\Software\Goobzo
Klíe Smazáno : HKCU\Software\Optimizer Pro
Klíe Smazáno : HKCU\Software\RegisteredApplicationsEx
Klíe Smazáno : HKCU\Software\smarttweak
Klíe Smazáno : HKCU\Software\DriverToolkit
Klíe Smazáno : HKCU\Software\RegistryDrLanguage
Klíe Smazáno : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klíe Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíe Smazáno : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíe Smazáno : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Klíe Smazáno : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Klíe Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíe Smazáno : HKLM\SOFTWARE\SupDp
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
Klíe Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suppor~1\suppor~1.dll
***** [ Prohlížeee ] *****
-\\ Internet Explorer v10.0.9200.17267
-\\ Mozilla Firefox v31.0 (x86 cs)
[6rbl9mf6.default\prefs.js] - Oádek Smazáno : user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
-\\ Google Chrome v34.0.1847.137
-\\ Comodo Dragon v
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-27&apn_dtid=%5ECMD161%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko
-\\ Chrome Canary v
*************************
AdwCleaner[R0].txt - [9038 bytu] - [02/04/2015 15:10:26]
AdwCleaner[S0].txt - [8410 bytu] - [02/04/2015 15:12:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8468 bytu] ##########
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 8 Pro (x64)a
# Uživatelské jméno : Jakub - KUBA
# Spuštino z : C:\Users\Andy\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
[#] Služba Smazáno : SPBIUpdd
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\15412fa6ce15dc71
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Mobogenie
Složka Smazáno : C:\Program Files (x86)\Registry Dr
Složka Smazáno : C:\Program Files (x86)\SmartTweak
Složka Smazáno : C:\Program Files (x86)\supporter
Složka Smazáno : C:\Program Files (x86)\Optimizer Pro 3.26
Složka Smazáno : C:\Program Files (x86)\DriverToolkit
Složka Smazáno : C:\windows\SysWOW64\SearchProtect
Složka Smazáno : C:\Program Files\PCDApp
Složka Smazáno : C:\Users\Andy\Ap
Složka Smazáno : C:\Users\Andy\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Andy\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Andy\AppData\Local\Mobogenie
Složka Smazáno : C:\Users\Andy\AppData\Local\RegistryDr
Složka Smazáno : C:\Users\Andy\AppData\Local\torch
Složka Smazáno : C:\Users\Andy\AppData\Local\DriverToolkit
Složka Smazáno : C:\Users\Andy\AppData\Roaming\DownloadManager
Složka Smazáno : C:\Users\Andy\AppData\Roaming\dll-files.com
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\Andy\Documents\Mobogenie
Složka Smazáno : C:\Users\Andy\Documents\Optimizer Pro
Složka Smazáno : C:\Users\Andy\Documents\RegistryDr
Složka Smazáno : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Složka Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Soubor Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Soubor Smazáno : C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
Soubor Smazáno : C:\Users\Andy\daemonprocess.txt
***** [ Naplánované úlohy ] *****
Úloha Smazáno : LaunchSignup
Úloha Smazáno : Price-Horse
Úloha Smazáno : Price-Horse Updater
Úloha Smazáno : RegistryDr_Start
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Klíe Smazáno : HKCU\Software\6028eace21edca779c427d29f5646e96
Klíe Smazáno : HKLM\SOFTWARE\9c8e0af0-f397-4a04-8005-68567ec3eb46
Klíe Smazáno : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíe Smazáno : HKCU\Software\GlobalUpdate
Klíe Smazáno : HKCU\Software\Goobzo
Klíe Smazáno : HKCU\Software\Optimizer Pro
Klíe Smazáno : HKCU\Software\RegisteredApplicationsEx
Klíe Smazáno : HKCU\Software\smarttweak
Klíe Smazáno : HKCU\Software\DriverToolkit
Klíe Smazáno : HKCU\Software\RegistryDrLanguage
Klíe Smazáno : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klíe Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíe Smazáno : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíe Smazáno : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Klíe Smazáno : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Klíe Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíe Smazáno : HKLM\SOFTWARE\SupDp
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
Klíe Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suppor~1\suppor~1.dll
***** [ Prohlížeee ] *****
-\\ Internet Explorer v10.0.9200.17267
-\\ Mozilla Firefox v31.0 (x86 cs)
[6rbl9mf6.default\prefs.js] - Oádek Smazáno : user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
-\\ Google Chrome v34.0.1847.137
-\\ Comodo Dragon v
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-27&apn_dtid=%5ECMD161%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko
-\\ Chrome Canary v
*************************
AdwCleaner[R0].txt - [9038 bytu] - [02/04/2015 15:10:26]
AdwCleaner[S0].txt - [8410 bytu] - [02/04/2015 15:12:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8468 bytu] ##########
Re: Preventivka prosím
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Zoek.exe v5.0.0.0 Updated 31-March-2015
Tool run by Jakub on źt 02. 04. 2015 at 18:31:16,22.
Microsoft Windows 8 Pro 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andy\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2. 4. 2015 18:32:41 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\Samsung deleted successfully
C:\Program Files\SAMSUNG deleted successfully
\AuthLog deleted successfully
C:\Users\Andy\AppData\Local\CrashDumps deleted successfully
C:\Users\Andy\AppData\Local\GHISLER deleted successfully
C:\Users\Andy\AppData\Local\LSC deleted successfully
C:\Users\Andy\AppData\Local\Samsung deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10080796-F5F8-4D56-836E-EFB57B2054C3} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{124EEDDB-F3B3-4B4B-8B4B-BE88D6E6EAD0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14730CF2-92B0-4303-BCC4-EB2E8548EFE4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1793CAD1-5C7A-4969-9AC9-2DDD9155034} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1818420E-87C4-4F23-80E6-DE5BD5A14E41} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1987C09D-B67B-46CF-BDF8-EC9438909236} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B227E64-D1ED-445A-B1B3-11D201FD37} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21E98754-8C21-44C0-A779-465135ADFCB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2368D8C4-C20F-4216-88C7-8ADBAB36CA6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23923CDA-712C-4972-8C7-F4ADDD3380DD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23E5F446-9CCE-43EF-86F4-DAC7595DCA7C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2419BA51-4025-4F44-8BEB-D659EFB4C645} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{263EAD4B-579C-41EE-BEE4-A523AC58E220} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26E00AE1-14A6-4DFF-B730-A226A2050} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a28c24a-a627-4ecc-841b-2bca51b64585} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BCD8756-8ED5-435E-8798-EAB047723E87} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30BB837C-221A-4CFC-B244-98CFDFB74D4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30FA9BA7-F2B6-4441-8E53-BBF12ACD5078} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322F2917-9564-4AD4-9BD6-9F33FA9DDD25} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32C27601-11-4ED1-B360-17D24B96F77D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{330D872B-142B-4C72-BFE-F04C4C18EFA0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33A7678D-F5E9-43D7-8284-DFD15916FBE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35703AE0-F13C-4512-836B-818E511F9131} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{360F3EB0-CB2D-447D-AB54-94754CDE596} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3664F2F8-9670-4707-B9A0-B48A71513A28} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37045ADD-95DE-47E2-892-E5B5F124E2B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3885BD55-D748-4D09-8B7B-9625DFB7341E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A8D1EC1-254C-401F-8876-4D3996D3E160} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B1B075-C925-4FC6-AC5-BC1D52C8D2F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BB5D05E-3D73-4693-B9FE-438ED7F75D65} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BDE1405-D442-472D-AC64-83F81E5C160} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C19EEE3-954D-4763-9C48-CC5785B2B191} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42D27C66-12CA-41E1-93C5-29CE491DEFC8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A75CC9-CBED-4C2A-A8E1-88857FD83B1E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CCBD8A4-23F0-40E8-9F17-CFA17EB57D9F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D6E7EB-FCDF-4110-B64E-B079BF8127D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51878D7F-DCBF-4317-A6B-AB479ACBC98D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51D2C091-E029-4B96-BA19-349A35FD5B38} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{530EA770-CE77-43D1-BE24-EBD0CDC7BBC9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55513DF5-68E5-4459-AD6F-5B392281F3F3} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57FBDC45-77D5-463A-B121-1A9C9AE8090} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{582B0A47-4F27-4408-92F9-F2B43B63F03C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A42DC10-97A6-4C09-9BEA-F3372E684FC4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6704515F-4D9A-454E-AF54-ECCEEFA51AD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67C2625B-8298-4ED9-B19A-E97D9AB6C463} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{686A6680-5DF4-4004-9ACE-DBAAB8604390} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69CE583C-60D5-4F2B-B02A-59A3C34AFE2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A236A82-C79A-4BEE-BC87-8EB7F58D3CE7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FF04E8D-9257-4ADE-AAA-1250AEE3858C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{703EA21C-6B9A-45E1-94F5-5460033273D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70C9284F-2716-46D6-8DB5-E6FD81BB610} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73F1AD9C-B99C-4CAF-9353-8722D9E97FDF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74644855-2178-407D-A3AF-5EA0441337A9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{749D9228-1FC3-470F-B142-290D2D09354} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7783fc53-f4a3-47a5-bbdf-e5c2009a9183} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78E14E1E-23BA-4416-B4D3-A336B34E4BEC} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC6D869-66CB-4FE8-ADB4-34CABE98B746} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C43D515-B011-436D-A0E2-6DE540FB8C74} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CD1E5AC-E513-49AF-8B17-64EA75D5B78B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D3DF2AD-1944-49AF-B514-26DF455369A5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D77328-B996-473C-908A-AC1D663179D8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{813D1B06-423B-4748-9AA5-548E8C54DF5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8230030F-E2C0-4A86-9666-80764537363A} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82FEF7BA-EB4-46C9-9F8F-C081DCC74EED} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85333BAD-A437-4C71-89C4-D6DA87F5A885} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88CB6E52-1482-4DFF-B1A5-A1EAC343779E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E12848-B61-4D77-9DBB-98E1498C960} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D3D058-4D9B-4576-BFC2-5D34B19230BB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BA5FE34-C3B4-437B-9F7F-4A3246DF8DD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BFEB95C-29B9-4C69-A251-E223A0113854} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D26FD9E-9767-44A4-AABF-27D4C77E5FC1} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E528B70-268D-4B4C-996E-B57C9ED87D74} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9342058A-51B8-422C-8D56-B260EF7A5D40} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{939A0B85-4B1F-4A33-996D-86F42B507549} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95AEA245-E8C0-49F4-A352-0D6336BA48E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979E35F3-8FE4-41BA-A157-521AF2C0DFA9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A94C25-96BC-4701-9A82-D2F15491EB80} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B784A54-38F5-4FE8-B536-6A14F3FB70} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D254937-6C43-46BE-9961-9EB47F2D1C51} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EE349F0-2BAC-4139-AEA1-25CF5018ADA2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FC483F4-F037-4599-8BA3-21CC58B372D7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A01AACAC-7788-4E97-A933-7886406A4B6E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3E981B5-4FC0-4027-9FBE-6BD3AE60B7A6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A707A407-7B4D-4F78-B7C4-DD5341F822BD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A943BB76-F4B0-4B7F-A5CF-E5B7E2DEACA} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9907602-3BA5-43EC-AFC3-9C68CAE6E676} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AABAEC85-2BE2-408B-B52C-9EF053B2976} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABBD5097-65D0-4641-A36A-2AD55EDF60FD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABE609B7-A23E-4757-8A46-9B69EF2F7F6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC54EF4D-EB17-4AAE-A434-ED317CC0A41} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD2B4150-6D7F-49C1-97CA-7158E23A56F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFF5B5ED-7895-471B-9E59-203623AFF4DF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0E0C9AD-64E9-48C3-9079-30383D35AF2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4C3CABB-A164-4910-B1DF-46C56071CE96} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B600A1ED-E164-47A4-8ECD-CBBFF5B432E4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B91C62F2-548A-4EBD-AAD8-66D5251F2961} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9DB137A-F493-484D-9422-C4A73134EF96} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCAA19D6-4FD5-4B26-A016-AF9BD4355729} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCE2B21B-C58C-4D91-B7AA-2F535E61FEB7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD5236E5-78C4-47BA-997E-DF98C99C2951} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BED0D53D-82E7-45B7-8AD-E24ACFC29894} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2965B8-68BB-4DB2-BCC8-EE6B9927AAC} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF98C016-6428-4ED4-92EE-1D2A755701B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF9D7AD-36BA-4FAD-855B-988218F4E21} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1C39C90-DB35-466B-AF9-ADD3931E5823} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2349F85-C4B5-4C94-A853-81C31F83FFF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C56DBD04-401B-49F7-9F2-BD94D94A2E7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C76F338A-B39F-4A3B-A71A-868223A73C65} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8AF6ABD-B569-4D5B-B5F0-9E91DDD3DE8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9539FF2-14F4-47DE-BEFF-C7428F65B0E8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEEDB058-22DE-416C-B827-6E2BE72572EE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA29495-AE63-4643-8A61-964270A2C6AB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d0287769-399d-464a-bab9-c540958e59c4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D15EEE4-61A1-48E0-96D9-1ED8F831DF8E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2859AA2-D106-4F51-9431-895852B55AE7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D299AC7-6653-4660-99E3-0E861FEF4F8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2B918CB-AE51-4D1D-8E61-9077E57A809B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5005422-EB9-436B-994-DB3DB08A73EB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53D5ADA-F4DE-4F01-A526-2958BBF658AD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D57A7BF9-B196-4F04-A4CF-73F61AFDF518} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FD4CE8-8DE7-4E13-871D-777C1E122994} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8FBCF6F-76CC-46D0-9F87-86239E324DB9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d94974db-f77e-4a48-94e4-7fa7f6933da0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9B7A2F8-19DD-4CA5-9FA4-F3C37D3AC2B4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB93336C-D88A-4C3D-B045-1099DB60B12F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBB6CAFD-222F-46B0-8ADD-4B69DE8AEF89} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC314D27-B362-4459-969D-762064E308B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DED4A649-D1BE-4897-B84E-EA6681E344E8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF021A12-4520-4A91-91B7-47DE2FB39A0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D56484-77FE-4449-B786-EB98A176C473} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DA9851-29B6-42D0-83C2-EE6227D29B9B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E289B519-35C6-44C7-BF66-BF2D71CEA261} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E58E89A5-D0FD-4D2C-A070-43BA7DAD93F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62CD3BC-189D-4693-9E95-EF57C5D26AFB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7F6DA11-DAB8-45E7-8719-6D9EED97D4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8DD0A11-3F16-4616-B6C-92BDF897AEB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9DF0B14-CDC5-4C61-AB4B-5EEED4DCA55} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA7075A1-962B-446A-AFDE-5D8C8160E685} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC52884D-8C29-4B40-B0CD-5DB6567761C7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED4C9CDD-CC17-41D7-AED3-1A5B24EF6A2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE218A99-EBC5-49EC-8294-73ED6A138E38} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2C75E93-5EAE-4701-B8EC-9BE9DE8CCF54} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3281B93-9FB2-4707-AD34-55CF1368CCA6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F51B7FCB-1CAC-44BD-9029-F1E7D157C860} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F59729C7-A60F-40F0-B3A-138C8D85ADFE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5A2BCC8-1BC1-4EED-89E6-E5A29836D4F0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6AB3B28-A633-4761-9827-761FEDD41997} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F97B52C4-C4C5-4148-A26A-4EF948CC446} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAD99566-4210-45EB-B3BC-24BE76A17AF8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB210283-4B49-4F2D-B496-8B255D1406E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB2FD8E2-44F2-493C-9FD5-668FA456C363} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE71B841-8746-4C98-AF89-D6E5F081EA53} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEEA795E-81D7-4A3D-8F4E-FE8E8607E17} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF605A0E-91E2-4FB5-834E-B434EADB3933} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFA48F8C-E5B6-4B7D-BBD3-4A8BDC655F5C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF65F2-B727-44B2-A212-A777968A8F85} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a28c24a-a627-4ecc-841b-2bca51b64585} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7783fc53-f4a3-47a5-bbdf-e5c2009a9183} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d0287769-399d-464a-bab9-c540958e59c4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d94974db-f77e-4a48-94e4-7fa7f6933da0} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");
Added to C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
user.js not found
---- Lines wisen wizard removed from prefs.js ----
user_pref("extensions.wisen wizard.asul", "1399059217487");
user_pref("extensions.wisen wizard.aul", "1398790228210");
user_pref("extensions.wisen wizard.irl", true);
user_pref("extensions.wisen wizard.is", "epo000CZ");
user_pref("extensions.wisen wizard.ug", "5D019CEF-1DAB-4484-A42C-BF2EAB98929F");
---- Lines a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059 removed from prefs.js ----
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.coma0b21f775d32a4eac84c6c00ac1ae
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.coma0b21f775d32a4eac84c6c00ac1ae
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncdb_dbWasSet", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncdb_dbWasSet_FF25_FIX", t
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncinternaldb_dbWasSet", tr
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncinternaldb_dbWasSet_FF25
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.active", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.addressbar", "NA");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.addressbarenhanced", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.asyncdb.was_copied", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.asyncinternaldb.was_copied", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.backgroundver", 1);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.certdomaininstaller", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallationTime.value", "%221420330582%22");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.description", ".");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.domain", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.enablesearch", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.homepage", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.changeprevious", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.iframe", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.InstallationThankYouPage", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.InstallationTime", 1420330582);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.__defualt_browser__.value", "%22ch%22");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22install
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22DC10CB
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000805%22%
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 203
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.reporting_user_key.expiration", "Fri Jan 03 2025 20:38:47 GMT+01
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.reporting_user_key.value", "false");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_appVer.value", "10");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_nextCheck.expiration", "Wed Jan 07 2015 02:37:34 GMT+0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.lastDailyReport", "1420573053317");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.lastUpdate", "1420573053067");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.manifesturl", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.name", "SensePlus");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.newtab", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.opensearch", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.pluginsurl", "http://js.newstatsdatanet.com/plugin/ap ... gins/na/ff
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.pluginsversion", 6);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.publisher", "Object Browser");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.searchstatus", 0);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.setnewtab", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.thankyou", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.updateinterval", 360);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.ver", 10);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.apps", "69059");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.bic", "14abafdb4599fbc97f973f2d26db02ce");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.cid", 69059);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.firstrun", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.hadappinstalled", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.installationdate", 1420476397);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.modetype", "production");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.reportInstall", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.statsDailyCounter", 2);
---- Lines extensions.tjV3o removed from prefs.js ----
user_pref("extensions.tjV3o.epoch", "1405966181");
user_pref("extensions.tjV3o.url", "http://couponbluemy.us/sync2/?q=hfZ9oeq ... HsErjYEpdk
---- FireFox user.js and prefs.js backups ----
prefs_201502.04._1853_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\MyFree Codec not found
C:\PROGRA~2\Samsung not found
C:\PROGRA~2\bfd74cda-0c0d-4515-a2a4-8c10b4b3626f deleted
C:\Users\Andy\AppData\Roaming\.minecraft deleted
C:\Users\Andy\AppData\LocalLow\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted
C:\Users\Andy\AppData\Local\Packages\windows_ie_ac_001\AC\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted
C:\Users\Andy\AppData\Local\23296 deleted
C:\Users\Andy\.android deleted
C:\PROGRA~2\Warner Bros. Interactive Entertainment deleted
C:\PROGRA~2\Smart File Advisor deleted
C:\Users\Andy\AppData\Local\cache deleted
C:\Users\Andy\AppData\Local\Installer deleted
C:\Users\Andy\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-1582357562-1760955146-2745679186-1001 deleted
C:\Users\Public\Documents\GOOBZO deleted
C:\Users\Public\Documents\YTAHelper deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\SysWow64\AI_RecycleBin deleted
C:\Users\Andy\AppData\Roaming\LoJackSetup.exe deleted
"C:\Users\Andy\AppData\Roaming\Shuame\.clientid" deleted
"C:\Users\Andy\AppData\Roaming\Shuame" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12. 02. 2015 17:10]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
- jid0MXvUXM1npF7yTcY3bpZVht72AR4jetpack - %ProfilePath%\extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack
- Check4Change - %ProfilePath%\extensions\check4change-owner@mozdev.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- TrueSuite Website Logon - %AppDir%\distribution\bundles\websitelogon@truesuite.com
==== Firefox Plugins ======================
Profilepath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
21025F3A113559BF3D7BBE162BDA626D - C:\Users\Andy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
1A3F2278C27FC73EC2A1D5B23B0D3624 - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll - TrueSuite
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Andy\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted
==== Chromium Look ======================
Google Chrome Version: 34.0.1847.137 (Possible outdated, latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[31. 12. 2014 02:21]
iokmdlapebooifaijckgcmncjdpojmjl - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx[03. 08. 2012 08:35]
Comodo Drag&Drop Service - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Avast Online Security - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Website Logon - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{019E1F08-9EA4-48EE-B3F5-D9C7C53975D5} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12902"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2C669F5A-BBFD-4F0A-B519-76EA59E6ED41} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12902"
{2FB6B0B9-C801-47EB-83F2-C77C9A84A1CB} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12902"
{7BFBC1D9-D9F7-4F10-9C61-E600AA76D7D0} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902"
{AA9DF244-97EC-4C06-9075-4E81D679F53E} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12902"
{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} Unknown Url="Not_Found"
{C69DC8D9-F262-4B2F-908F-F51B05F51B9E} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12902"
{D491BA25-688B-4262-8832-931E4F0E2E17} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12902"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"
{EFAA8928-6706-4C87-8E44-E95D51C9E226} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12902"
{FA899A1F-F9D5-4B27-93A3-E1C29FCF0077} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12902"
==== Reset Google Chrome ======================
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1433 folders=435 6430861635 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Andy\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Andy\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on źt 02. 04. 2015 at 19:04:26,44 ======================
Tool run by Jakub on źt 02. 04. 2015 at 18:31:16,22.
Microsoft Windows 8 Pro 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andy\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2. 4. 2015 18:32:41 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\Samsung deleted successfully
C:\Program Files\SAMSUNG deleted successfully
\AuthLog deleted successfully
C:\Users\Andy\AppData\Local\CrashDumps deleted successfully
C:\Users\Andy\AppData\Local\GHISLER deleted successfully
C:\Users\Andy\AppData\Local\LSC deleted successfully
C:\Users\Andy\AppData\Local\Samsung deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10080796-F5F8-4D56-836E-EFB57B2054C3} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{124EEDDB-F3B3-4B4B-8B4B-BE88D6E6EAD0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14730CF2-92B0-4303-BCC4-EB2E8548EFE4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1793CAD1-5C7A-4969-9AC9-2DDD9155034} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1818420E-87C4-4F23-80E6-DE5BD5A14E41} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1987C09D-B67B-46CF-BDF8-EC9438909236} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B227E64-D1ED-445A-B1B3-11D201FD37} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21E98754-8C21-44C0-A779-465135ADFCB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2368D8C4-C20F-4216-88C7-8ADBAB36CA6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23923CDA-712C-4972-8C7-F4ADDD3380DD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23E5F446-9CCE-43EF-86F4-DAC7595DCA7C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2419BA51-4025-4F44-8BEB-D659EFB4C645} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{263EAD4B-579C-41EE-BEE4-A523AC58E220} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26E00AE1-14A6-4DFF-B730-A226A2050} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a28c24a-a627-4ecc-841b-2bca51b64585} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BCD8756-8ED5-435E-8798-EAB047723E87} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30BB837C-221A-4CFC-B244-98CFDFB74D4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30FA9BA7-F2B6-4441-8E53-BBF12ACD5078} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322F2917-9564-4AD4-9BD6-9F33FA9DDD25} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32C27601-11-4ED1-B360-17D24B96F77D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{330D872B-142B-4C72-BFE-F04C4C18EFA0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33A7678D-F5E9-43D7-8284-DFD15916FBE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35703AE0-F13C-4512-836B-818E511F9131} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{360F3EB0-CB2D-447D-AB54-94754CDE596} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3664F2F8-9670-4707-B9A0-B48A71513A28} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37045ADD-95DE-47E2-892-E5B5F124E2B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3885BD55-D748-4D09-8B7B-9625DFB7341E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A8D1EC1-254C-401F-8876-4D3996D3E160} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B1B075-C925-4FC6-AC5-BC1D52C8D2F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BB5D05E-3D73-4693-B9FE-438ED7F75D65} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BDE1405-D442-472D-AC64-83F81E5C160} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C19EEE3-954D-4763-9C48-CC5785B2B191} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42D27C66-12CA-41E1-93C5-29CE491DEFC8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A75CC9-CBED-4C2A-A8E1-88857FD83B1E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CCBD8A4-23F0-40E8-9F17-CFA17EB57D9F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D6E7EB-FCDF-4110-B64E-B079BF8127D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51878D7F-DCBF-4317-A6B-AB479ACBC98D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51D2C091-E029-4B96-BA19-349A35FD5B38} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{530EA770-CE77-43D1-BE24-EBD0CDC7BBC9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55513DF5-68E5-4459-AD6F-5B392281F3F3} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57FBDC45-77D5-463A-B121-1A9C9AE8090} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{582B0A47-4F27-4408-92F9-F2B43B63F03C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A42DC10-97A6-4C09-9BEA-F3372E684FC4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6704515F-4D9A-454E-AF54-ECCEEFA51AD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67C2625B-8298-4ED9-B19A-E97D9AB6C463} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{686A6680-5DF4-4004-9ACE-DBAAB8604390} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69CE583C-60D5-4F2B-B02A-59A3C34AFE2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A236A82-C79A-4BEE-BC87-8EB7F58D3CE7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FF04E8D-9257-4ADE-AAA-1250AEE3858C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{703EA21C-6B9A-45E1-94F5-5460033273D} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70C9284F-2716-46D6-8DB5-E6FD81BB610} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73F1AD9C-B99C-4CAF-9353-8722D9E97FDF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74644855-2178-407D-A3AF-5EA0441337A9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{749D9228-1FC3-470F-B142-290D2D09354} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7783fc53-f4a3-47a5-bbdf-e5c2009a9183} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78E14E1E-23BA-4416-B4D3-A336B34E4BEC} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC6D869-66CB-4FE8-ADB4-34CABE98B746} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C43D515-B011-436D-A0E2-6DE540FB8C74} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CD1E5AC-E513-49AF-8B17-64EA75D5B78B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D3DF2AD-1944-49AF-B514-26DF455369A5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D77328-B996-473C-908A-AC1D663179D8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{813D1B06-423B-4748-9AA5-548E8C54DF5} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8230030F-E2C0-4A86-9666-80764537363A} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82FEF7BA-EB4-46C9-9F8F-C081DCC74EED} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85333BAD-A437-4C71-89C4-D6DA87F5A885} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88CB6E52-1482-4DFF-B1A5-A1EAC343779E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E12848-B61-4D77-9DBB-98E1498C960} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D3D058-4D9B-4576-BFC2-5D34B19230BB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BA5FE34-C3B4-437B-9F7F-4A3246DF8DD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BFEB95C-29B9-4C69-A251-E223A0113854} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D26FD9E-9767-44A4-AABF-27D4C77E5FC1} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E528B70-268D-4B4C-996E-B57C9ED87D74} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9342058A-51B8-422C-8D56-B260EF7A5D40} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{939A0B85-4B1F-4A33-996D-86F42B507549} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95AEA245-E8C0-49F4-A352-0D6336BA48E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979E35F3-8FE4-41BA-A157-521AF2C0DFA9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A94C25-96BC-4701-9A82-D2F15491EB80} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B784A54-38F5-4FE8-B536-6A14F3FB70} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D254937-6C43-46BE-9961-9EB47F2D1C51} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EE349F0-2BAC-4139-AEA1-25CF5018ADA2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FC483F4-F037-4599-8BA3-21CC58B372D7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A01AACAC-7788-4E97-A933-7886406A4B6E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3E981B5-4FC0-4027-9FBE-6BD3AE60B7A6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A707A407-7B4D-4F78-B7C4-DD5341F822BD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A943BB76-F4B0-4B7F-A5CF-E5B7E2DEACA} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9907602-3BA5-43EC-AFC3-9C68CAE6E676} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AABAEC85-2BE2-408B-B52C-9EF053B2976} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABBD5097-65D0-4641-A36A-2AD55EDF60FD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABE609B7-A23E-4757-8A46-9B69EF2F7F6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC54EF4D-EB17-4AAE-A434-ED317CC0A41} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD2B4150-6D7F-49C1-97CA-7158E23A56F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFF5B5ED-7895-471B-9E59-203623AFF4DF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0E0C9AD-64E9-48C3-9079-30383D35AF2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4C3CABB-A164-4910-B1DF-46C56071CE96} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B600A1ED-E164-47A4-8ECD-CBBFF5B432E4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B91C62F2-548A-4EBD-AAD8-66D5251F2961} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9DB137A-F493-484D-9422-C4A73134EF96} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCAA19D6-4FD5-4B26-A016-AF9BD4355729} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCE2B21B-C58C-4D91-B7AA-2F535E61FEB7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD5236E5-78C4-47BA-997E-DF98C99C2951} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BED0D53D-82E7-45B7-8AD-E24ACFC29894} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF2965B8-68BB-4DB2-BCC8-EE6B9927AAC} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF98C016-6428-4ED4-92EE-1D2A755701B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF9D7AD-36BA-4FAD-855B-988218F4E21} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1C39C90-DB35-466B-AF9-ADD3931E5823} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2349F85-C4B5-4C94-A853-81C31F83FFF} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C56DBD04-401B-49F7-9F2-BD94D94A2E7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C76F338A-B39F-4A3B-A71A-868223A73C65} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8AF6ABD-B569-4D5B-B5F0-9E91DDD3DE8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9539FF2-14F4-47DE-BEFF-C7428F65B0E8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEEDB058-22DE-416C-B827-6E2BE72572EE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA29495-AE63-4643-8A61-964270A2C6AB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d0287769-399d-464a-bab9-c540958e59c4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D15EEE4-61A1-48E0-96D9-1ED8F831DF8E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2859AA2-D106-4F51-9431-895852B55AE7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D299AC7-6653-4660-99E3-0E861FEF4F8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2B918CB-AE51-4D1D-8E61-9077E57A809B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5005422-EB9-436B-994-DB3DB08A73EB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53D5ADA-F4DE-4F01-A526-2958BBF658AD} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D57A7BF9-B196-4F04-A4CF-73F61AFDF518} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FD4CE8-8DE7-4E13-871D-777C1E122994} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8FBCF6F-76CC-46D0-9F87-86239E324DB9} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d94974db-f77e-4a48-94e4-7fa7f6933da0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9B7A2F8-19DD-4CA5-9FA4-F3C37D3AC2B4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB93336C-D88A-4C3D-B045-1099DB60B12F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBB6CAFD-222F-46B0-8ADD-4B69DE8AEF89} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC314D27-B362-4459-969D-762064E308B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DED4A649-D1BE-4897-B84E-EA6681E344E8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF021A12-4520-4A91-91B7-47DE2FB39A0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D56484-77FE-4449-B786-EB98A176C473} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DA9851-29B6-42D0-83C2-EE6227D29B9B} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E289B519-35C6-44C7-BF66-BF2D71CEA261} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E58E89A5-D0FD-4D2C-A070-43BA7DAD93F} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62CD3BC-189D-4693-9E95-EF57C5D26AFB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7F6DA11-DAB8-45E7-8719-6D9EED97D4} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8DD0A11-3F16-4616-B6C-92BDF897AEB} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9DF0B14-CDC5-4C61-AB4B-5EEED4DCA55} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA7075A1-962B-446A-AFDE-5D8C8160E685} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC52884D-8C29-4B40-B0CD-5DB6567761C7} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED4C9CDD-CC17-41D7-AED3-1A5B24EF6A2} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE218A99-EBC5-49EC-8294-73ED6A138E38} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2C75E93-5EAE-4701-B8EC-9BE9DE8CCF54} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3281B93-9FB2-4707-AD34-55CF1368CCA6} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F51B7FCB-1CAC-44BD-9029-F1E7D157C860} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F59729C7-A60F-40F0-B3A-138C8D85ADFE} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5A2BCC8-1BC1-4EED-89E6-E5A29836D4F0} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6AB3B28-A633-4761-9827-761FEDD41997} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F97B52C4-C4C5-4148-A26A-4EF948CC446} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAD99566-4210-45EB-B3BC-24BE76A17AF8} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB210283-4B49-4F2D-B496-8B255D1406E} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB2FD8E2-44F2-493C-9FD5-668FA456C363} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE71B841-8746-4C98-AF89-D6E5F081EA53} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEEA795E-81D7-4A3D-8F4E-FE8E8607E17} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF605A0E-91E2-4FB5-834E-B434EADB3933} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFA48F8C-E5B6-4B7D-BBD3-4A8BDC655F5C} deleted successfully
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF65F2-B727-44B2-A212-A777968A8F85} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a28c24a-a627-4ecc-841b-2bca51b64585} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7783fc53-f4a3-47a5-bbdf-e5c2009a9183} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d0287769-399d-464a-bab9-c540958e59c4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d94974db-f77e-4a48-94e4-7fa7f6933da0} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");
Added to C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
user.js not found
---- Lines wisen wizard removed from prefs.js ----
user_pref("extensions.wisen wizard.asul", "1399059217487");
user_pref("extensions.wisen wizard.aul", "1398790228210");
user_pref("extensions.wisen wizard.irl", true);
user_pref("extensions.wisen wizard.is", "epo000CZ");
user_pref("extensions.wisen wizard.ug", "5D019CEF-1DAB-4484-A42C-BF2EAB98929F");
---- Lines a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059 removed from prefs.js ----
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.coma0b21f775d32a4eac84c6c00ac1ae
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.coma0b21f775d32a4eac84c6c00ac1ae
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncdb_dbWasSet", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncdb_dbWasSet_FF25_FIX", t
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncinternaldb_dbWasSet", tr
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.comasyncinternaldb_dbWasSet_FF25
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.active", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.addressbar", "NA");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.addressbarenhanced", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.asyncdb.was_copied", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.asyncinternaldb.was_copied", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.backgroundver", 1);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.certdomaininstaller", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallationTime.value", "%221420330582%22");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.description", ".");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.domain", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.enablesearch", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.homepage", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.changeprevious", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.iframe", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.InstallationThankYouPage", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.InstallationTime", 1420330582);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.__defualt_browser__.value", "%22ch%22");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22install
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22DC10CB
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000805%22%
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 203
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.reporting_user_key.expiration", "Fri Jan 03 2025 20:38:47 GMT+01
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.reporting_user_key.value", "false");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_appVer.value", "10");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_nextCheck.expiration", "Wed Jan 07 2015 02:37:34 GMT+0
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.lastDailyReport", "1420573053317");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.lastUpdate", "1420573053067");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.manifesturl", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.name", "SensePlus");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.newtab", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.opensearch", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.pluginsurl", "http://js.newstatsdatanet.com/plugin/ap ... gins/na/ff
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.pluginsversion", 6);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.publisher", "Object Browser");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.searchstatus", 0);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.setnewtab", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.thankyou", "");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.updateinterval", 360);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.69059.ver", 10);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.apps", "69059");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.bic", "14abafdb4599fbc97f973f2d26db02ce");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.cid", 69059);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.firstrun", false);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.hadappinstalled", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.installationdate", 1420476397);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.modetype", "production");
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.reportInstall", true);
user_pref("extensions.a0b21f775d32a4eac84c6c00ac1ae2ec5gmailcom69059.statsDailyCounter", 2);
---- Lines extensions.tjV3o removed from prefs.js ----
user_pref("extensions.tjV3o.epoch", "1405966181");
user_pref("extensions.tjV3o.url", "http://couponbluemy.us/sync2/?q=hfZ9oeq ... HsErjYEpdk
---- FireFox user.js and prefs.js backups ----
prefs_201502.04._1853_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\MyFree Codec not found
C:\PROGRA~2\Samsung not found
C:\PROGRA~2\bfd74cda-0c0d-4515-a2a4-8c10b4b3626f deleted
C:\Users\Andy\AppData\Roaming\.minecraft deleted
C:\Users\Andy\AppData\LocalLow\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted
C:\Users\Andy\AppData\Local\Packages\windows_ie_ac_001\AC\{D2D2D3C3-F689-435C-14C8-A6458541808C} deleted
C:\Users\Andy\AppData\Local\23296 deleted
C:\Users\Andy\.android deleted
C:\PROGRA~2\Warner Bros. Interactive Entertainment deleted
C:\PROGRA~2\Smart File Advisor deleted
C:\Users\Andy\AppData\Local\cache deleted
C:\Users\Andy\AppData\Local\Installer deleted
C:\Users\Andy\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-1582357562-1760955146-2745679186-1001 deleted
C:\Users\Public\Documents\GOOBZO deleted
C:\Users\Public\Documents\YTAHelper deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\SysWow64\AI_RecycleBin deleted
C:\Users\Andy\AppData\Roaming\LoJackSetup.exe deleted
"C:\Users\Andy\AppData\Roaming\Shuame\.clientid" deleted
"C:\Users\Andy\AppData\Roaming\Shuame" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12. 02. 2015 17:10]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
- jid0MXvUXM1npF7yTcY3bpZVht72AR4jetpack - %ProfilePath%\extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack
- Check4Change - %ProfilePath%\extensions\check4change-owner@mozdev.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- TrueSuite Website Logon - %AppDir%\distribution\bundles\websitelogon@truesuite.com
==== Firefox Plugins ======================
Profilepath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
21025F3A113559BF3D7BBE162BDA626D - C:\Users\Andy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
1A3F2278C27FC73EC2A1D5B23B0D3624 - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll - TrueSuite
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Andy\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted
==== Chromium Look ======================
Google Chrome Version: 34.0.1847.137 (Possible outdated, latest Stable version: 41.0.2272.118)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[31. 12. 2014 02:21]
iokmdlapebooifaijckgcmncjdpojmjl - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx[03. 08. 2012 08:35]
Comodo Drag&Drop Service - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - Andy\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Avast Online Security - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Website Logon - Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{019E1F08-9EA4-48EE-B3F5-D9C7C53975D5} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12902"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2C669F5A-BBFD-4F0A-B519-76EA59E6ED41} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12902"
{2FB6B0B9-C801-47EB-83F2-C77C9A84A1CB} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12902"
{7BFBC1D9-D9F7-4F10-9C61-E600AA76D7D0} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902"
{AA9DF244-97EC-4C06-9075-4E81D679F53E} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12902"
{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} Unknown Url="Not_Found"
{C69DC8D9-F262-4B2F-908F-F51B05F51B9E} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12902"
{D491BA25-688B-4262-8832-931E4F0E2E17} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12902"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"
{EFAA8928-6706-4C87-8E44-E95D51C9E226} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12902"
{FA899A1F-F9D5-4B27-93A3-E1C29FCF0077} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12902"
==== Reset Google Chrome ======================
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADC0BF47-C76D-4883-85AF-5FBC3ADC13DA} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Andy\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1433 folders=435 6430861635 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Andy\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Andy\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on źt 02. 04. 2015 at 19:04:26,44 ======================
Re: Preventivka prosím
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Jakub (administrator) on KUBA on 02-04-2015 19:51:05
Running from C:\Users\Andy\Desktop
Loaded Profiles: Jakub (Available profiles: Jakub)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-17] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-17] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1523200 2014-03-19] (Informer Technologies, Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [qhzrqdoikr] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [wradwykpko] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [dnhsinhakf] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [uTorrent] => C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-02-01] (BitTorrent Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: E - "E:\Launcher.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: {cdc655c6-8800-11e3-be81-84a6c8a8b64f} - "E:\setup.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {019E1F08-9EA4-48EE-B3F5-D9C7C53975D5} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {2C669F5A-BBFD-4F0A-B519-76EA59E6ED41} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {2FB6B0B9-C801-47EB-83F2-C77C9A84A1CB} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {7BFBC1D9-D9F7-4F10-9C61-E600AA76D7D0} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {AA9DF244-97EC-4C06-9075-4E81D679F53E} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {C69DC8D9-F262-4B2F-908F-F51B05F51B9E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {D491BA25-688B-4262-8832-931E4F0E2E17} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {EFAA8928-6706-4C87-8E44-E95D51C9E226} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {FA899A1F-F9D5-4B27-93A3-E1C29FCF0077} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12902
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-31] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-31] (AVAST Software)
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-09] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1582357562-1760955146-2745679186-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Andy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-04] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\searchplugins\google-avast.xml [2015-04-01]
FF Extension: jid0MXvUXM1npF7yTcY3bpZVht72AR4jetpack - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack [2015-01-08]
FF Extension: Check4Change - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\check4change-owner@mozdev.org.xpi [2014-04-18]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-02]
CHR Extension: (Google Drive) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-02]
CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-02]
CHR Extension: (Google Search) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-21]
CHR Extension: (Website Logon) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11]
CHR Extension: (Gmail) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-31]
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2012-08-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-31] (AVAST Software)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014664 2014-09-16] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470000 2014-06-10] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-31] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 BTWDPAN; C:\Windows\system32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [32768 2010-04-29] (Google Inc)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-26] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-01-28] (Duplex Secure Ltd.)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)
U3 acuiehrf; C:\Windows\System32\Drivers\acuiehrf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-02 19:51 - 2015-04-02 19:51 - 00027269 _____ () C:\Users\Andy\Desktop\FRST.txt
2015-04-02 19:50 - 2015-04-02 19:51 - 00000000 ____D () C:\FRST
2015-04-02 19:49 - 2015-04-02 19:49 - 02095616 _____ (Farbar) C:\Users\Andy\Desktop\FRST64.exe
2015-04-02 19:49 - 2015-04-02 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
2015-04-02 19:03 - 2015-04-02 19:03 - 00000000 ____D () C:\AuthLog
2015-04-02 19:01 - 2015-04-02 18:31 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-04-02 18:32 - 2015-04-02 19:04 - 00055560 _____ () C:\zoek-results.log
2015-04-02 18:31 - 2015-04-02 18:56 - 00000000 ____D () C:\zoek_backup
2015-04-02 18:31 - 2015-04-02 18:31 - 01305600 _____ () C:\Users\Andy\Desktop\zoek.exe
2015-04-02 15:10 - 2015-04-02 15:12 - 00000000 ____D () C:\AdwCleaner
2015-04-02 15:09 - 2015-04-02 15:09 - 02208768 _____ () C:\Users\Andy\Desktop\adwcleaner_4.200.exe
2015-04-02 13:43 - 2015-04-02 13:43 - 00000712 _____ () C:\windows\DtcInstall.log
2015-04-02 13:34 - 2015-04-02 13:35 - 00001568 _____ () C:\windows\comsetup.log
2015-04-02 11:59 - 2015-04-02 19:03 - 00002294 _____ () C:\windows\PFRO.log
2015-04-02 11:59 - 2015-04-02 11:59 - 00432576 _____ () C:\windows\system32\FNTCACHE.DAT
2015-04-01 23:00 - 2015-04-01 23:00 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-01 22:58 - 2015-04-01 22:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-01 19:11 - 2015-04-02 19:18 - 00595998 _____ () C:\windows\WindowsUpdate.log
2015-04-01 18:39 - 2015-04-01 18:40 - 00000000 ____D () C:\rsit
2015-04-01 18:39 - 2015-04-01 18:39 - 01222144 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\trend micro
2015-04-01 18:29 - 2015-04-02 19:14 - 00388595 _____ () C:\windows\setupact.log
2015-04-01 18:29 - 2015-04-01 18:29 - 00000000 _____ () C:\windows\setuperr.log
2015-04-01 18:24 - 2015-04-01 18:44 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2015-04-01 18:20 - 2015-04-01 18:20 - 00001180 _____ () C:\Users\Andy\Desktop\TeamSpeak 3 Client.lnk
2015-04-01 18:06 - 2015-04-01 18:06 - 00000780 _____ () C:\Users\Andy\Desktop\World of Tanks (2).lnk
2015-04-01 17:57 - 2015-01-09 08:43 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-04-01 17:57 - 2015-01-09 07:03 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2015-04-01 17:57 - 2015-01-09 01:52 - 00478296 _____ () C:\windows\SysWOW64\locale.nls
2015-04-01 17:57 - 2015-01-09 01:52 - 00478296 _____ () C:\windows\system32\locale.nls
2015-04-01 14:22 - 2015-04-01 14:22 - 00001338 _____ () C:\Users\Andy\Desktop\LEGO Batman 2 DC Super Heroes-=AviaRa=-.lnk
2015-04-01 14:17 - 2015-04-01 14:17 - 00000000 ____D () C:\Program Files (x86)\Company
2015-04-01 07:25 - 2015-04-01 11:22 - 00000000 ____D () C:\Users\Andy\Downloads\LEGO Batman 2 DC Super Heroes-=AviaRa=-
2015-03-31 20:00 - 2015-04-01 07:12 - 00000000 ____D () C:\Users\Andy\Downloads\LEGO Batman 2 DC Super Heroes + Crack
2015-03-31 20:00 - 2015-03-31 22:51 - 4092090368 ____R () C:\Users\Andy\Desktop\LEGO Batman 2 DC Super Heroes + Crack.iso
2015-03-31 18:05 - 2015-03-31 18:05 - 00572928 _____ () C:\Users\Andy\Downloads\VY_52_INOVACE_01_13.ppt
2015-03-31 06:34 - 2015-03-31 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Batman 3 Beyond Gotham
2015-03-29 10:37 - 2015-03-29 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader
2015-03-26 16:34 - 2015-03-26 16:34 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-26 16:34 - 2015-03-26 16:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\TeamSpeak 3 Client
2015-03-26 16:30 - 2015-03-26 16:31 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Andy\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-03-25 22:28 - 2015-03-26 16:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-25 22:23 - 2015-04-02 14:39 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\TS3Client
2015-03-25 22:22 - 2015-03-25 22:22 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Andy\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2015-03-25 13:07 - 2015-03-11 07:21 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00943104 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 13:07 - 2015-03-11 00:04 - 01107456 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-25 13:07 - 2015-03-04 09:26 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2015-03-25 13:07 - 2015-03-04 09:26 - 00467952 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2015-03-25 13:07 - 2015-03-04 09:26 - 00011105 _____ () C:\windows\system32\AutoconfigV2.cab
2015-03-25 13:07 - 2015-03-04 08:41 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2015-03-25 13:07 - 2015-03-04 08:41 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-25 13:07 - 2015-03-04 06:53 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2015-03-25 13:07 - 2015-03-04 06:53 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 22:35 - 2015-03-18 22:35 - 00498205 _____ () C:\Users\Andy\Downloads\Canada_(orthographic_projection).svg
2015-03-16 23:20 - 2015-01-31 15:48 - 00044024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-03-16 23:20 - 2015-01-31 07:55 - 00275712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-03-16 23:18 - 2015-02-13 01:18 - 00396419 _____ () C:\windows\system32\ApnDatabase.xml
2015-03-16 22:40 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-16 22:40 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-16 22:40 - 2015-02-23 11:15 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-03-16 22:40 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-16 22:40 - 2015-02-21 07:07 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2015-03-16 22:40 - 2015-01-24 08:42 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-16 22:40 - 2015-01-24 07:00 - 00243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-16 22:39 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-16 22:39 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-16 22:39 - 2015-02-23 12:51 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-16 22:39 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-16 22:39 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-03-16 22:39 - 2015-02-21 07:31 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-16 22:39 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-16 22:39 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-16 22:39 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-16 22:39 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-03-16 22:39 - 2015-02-21 05:00 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2015-03-16 22:39 - 2015-02-20 15:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-16 22:39 - 2015-02-20 13:56 - 00366592 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-16 22:39 - 2015-02-20 10:10 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-16 22:39 - 2015-02-20 09:24 - 00304128 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-16 22:39 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-16 22:39 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-16 22:39 - 2015-01-29 10:45 - 06973248 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-16 22:39 - 2015-01-29 10:05 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-16 22:39 - 2015-01-29 08:19 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-16 22:39 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-16 22:39 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-16 22:39 - 2015-01-24 06:31 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-16 22:39 - 2015-01-20 08:41 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-16 22:39 - 2015-01-20 07:10 - 00892416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-16 22:38 - 2015-03-06 09:39 - 00588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2015-03-16 22:38 - 2015-03-06 09:39 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-16 22:38 - 2015-03-06 07:48 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2015-03-16 22:38 - 2015-03-06 07:48 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-16 22:38 - 2015-02-26 06:35 - 04063232 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-16 22:38 - 2015-02-03 01:18 - 00569712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-15 22:33 - 2015-03-15 22:33 - 00356688 _____ () C:\Users\Andy\Downloads\stažený soubor.htm
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-02 19:50 - 2014-04-04 10:17 - 00461824 ___SH () C:\Users\Andy\Downloads\Thumbs.db
2015-04-02 19:13 - 2013-12-07 23:09 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-02 19:13 - 2013-12-07 23:08 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 19:11 - 2013-12-07 23:08 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 19:09 - 2014-07-09 21:52 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-02 19:09 - 2013-12-07 23:20 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Seznam.cz
2015-04-02 19:06 - 2013-12-07 23:08 - 00003942 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-02 19:06 - 2013-12-07 23:08 - 00003706 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-02 19:03 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-02 19:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-04-02 18:58 - 2013-12-07 22:45 - 00000000 ____D () C:\Users\Andy\AppData\Local\Google
2015-04-02 18:57 - 2013-12-07 22:31 - 00000000 ____D () C:\Users\Andy
2015-04-02 18:57 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-04-02 18:57 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-04-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration
2015-04-02 13:46 - 2014-09-18 21:26 - 00024768 _____ () C:\windows\diagwrn.xml
2015-04-02 13:46 - 2014-09-18 21:26 - 00024768 _____ () C:\windows\diagerr.xml
2015-04-02 13:46 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-04-02 13:30 - 2014-11-22 00:04 - 00000000 ___HD () C:\$Windows.~BT
2015-04-02 12:02 - 2015-01-10 11:00 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 00:56 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2015-04-01 23:00 - 2015-01-10 11:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-01 18:37 - 2014-03-22 15:36 - 00001150 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-01 18:36 - 2014-01-06 14:01 - 01510912 ___SH () C:\Users\Andy\Desktop\Thumbs.db
2015-04-01 18:32 - 2015-01-15 22:08 - 00000000 ____D () C:\Kuba-filmy
2015-04-01 18:23 - 2014-01-27 22:49 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\uTorrent
2015-04-01 18:22 - 2014-03-09 14:19 - 00000000 ____D () C:\windows\Minidump
2015-04-01 18:15 - 2015-02-14 01:44 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-01 18:15 - 2014-07-29 08:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-01 18:09 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2015-04-01 18:08 - 2013-12-08 10:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-01 18:06 - 2013-12-08 10:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-01 18:05 - 2015-02-11 12:58 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-01 17:56 - 2013-12-08 01:11 - 00000000 ____D () C:\windows\system32\MRT
2015-04-01 17:50 - 2013-12-08 01:11 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-01 17:48 - 2012-07-26 07:26 - 00000250 _____ () C:\windows\win.ini
2015-04-01 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2015-04-01 06:33 - 2012-10-07 14:28 - 00727488 _____ () C:\windows\system32\perfh005.dat
2015-04-01 06:33 - 2012-10-07 14:28 - 00148006 _____ () C:\windows\system32\perfc005.dat
2015-04-01 06:33 - 2012-07-26 09:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-31 19:25 - 2015-01-04 02:51 - 00000000 ____D () C:\Program Files (x86)\The Walking Dead Survival Instinct
2015-03-31 18:17 - 2013-12-07 22:33 - 00000000 ____D () C:\Users\Andy\AppData\Local\Packages
2015-03-31 06:50 - 2014-01-28 11:57 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-03-31 06:50 - 2013-12-07 22:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-28 18:25 - 2014-06-30 13:27 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-03-28 18:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-17 06:15 - 2015-01-10 11:00 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2015-01-10 11:00 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-17 06:15 - 2015-01-10 11:00 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-14 23:37 - 2012-10-06 22:04 - 00000000 ____D () C:\ProgramData\Lenovo
2015-03-11 16:51 - 2014-05-02 19:49 - 00000023 _____ () C:\windows\clofghls.dll
2015-03-09 11:48 - 2015-02-06 17:34 - 00000501 _____ () C:\Users\Andy\Desktop\Pavla Vojta Filmy.lnk
2015-03-09 11:48 - 2015-02-06 15:28 - 00000000 ____D () C:\Pavla Vojta Filmy
2015-03-04 23:24 - 2015-02-14 01:48 - 00791496 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 23:24 - 2015-02-14 01:48 - 00177608 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 20:52 - 2014-07-27 08:34 - 00000000 ____D () C:\The KMPlayer
==================== Files in the root of some directories =======
2014-04-11 22:17 - 2014-04-11 22:23 - 4216840 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\vcredist.exe
2013-12-07 22:34 - 2014-04-29 13:02 - 0063230 _____ () C:\Users\Andy\AppData\Roaming\AbsoluteReminder.xml
2012-10-07 13:39 - 2012-10-07 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-10-07 13:59 - 2013-12-08 00:24 - 0003264 _____ () C:\ProgramData\MH_ErrorLog.txt
2012-10-07 13:51 - 2012-10-07 13:51 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2012-10-07 13:48 - 2012-10-07 13:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-07 13:49 - 2012-10-07 13:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-10-07 13:50 - 2012-10-07 13:51 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andy\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Jakub (administrator) on KUBA on 02-04-2015 19:51:05
Running from C:\Users\Andy\Desktop
Loaded Profiles: Jakub (Available profiles: Jakub)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-17] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-17] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1523200 2014-03-19] (Informer Technologies, Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [qhzrqdoikr] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [wradwykpko] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [dnhsinhakf] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [uTorrent] => C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-02-01] (BitTorrent Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: E - "E:\Launcher.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: {cdc655c6-8800-11e3-be81-84a6c8a8b64f} - "E:\setup.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {019E1F08-9EA4-48EE-B3F5-D9C7C53975D5} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {2C669F5A-BBFD-4F0A-B519-76EA59E6ED41} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {2FB6B0B9-C801-47EB-83F2-C77C9A84A1CB} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {7BFBC1D9-D9F7-4F10-9C61-E600AA76D7D0} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {AA9DF244-97EC-4C06-9075-4E81D679F53E} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {C69DC8D9-F262-4B2F-908F-F51B05F51B9E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {D491BA25-688B-4262-8832-931E4F0E2E17} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {EFAA8928-6706-4C87-8E44-E95D51C9E226} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12902
SearchScopes: HKU\S-1-5-21-1582357562-1760955146-2745679186-1001 -> {FA899A1F-F9D5-4B27-93A3-E1C29FCF0077} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12902
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-31] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-31] (AVAST Software)
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-09] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1582357562-1760955146-2745679186-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Andy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-04] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\searchplugins\google-avast.xml [2015-04-01]
FF Extension: jid0MXvUXM1npF7yTcY3bpZVht72AR4jetpack - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack [2015-01-08]
FF Extension: Check4Change - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\6rbl9mf6.default\Extensions\check4change-owner@mozdev.org.xpi [2014-04-18]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-02]
CHR Extension: (Google Drive) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-02]
CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-02]
CHR Extension: (Google Search) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-21]
CHR Extension: (Website Logon) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl [2015-04-01]
CHR Extension: (Google Wallet) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-11]
CHR Extension: (Gmail) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-31]
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2012-08-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-31] (AVAST Software)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014664 2014-09-16] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470000 2014-06-10] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-31] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 BTWDPAN; C:\Windows\system32\DRIVERS\btwdpan.sys [84008 2010-11-15] (Broadcom Corporation.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [32768 2010-04-29] (Google Inc)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-26] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-01-28] (Duplex Secure Ltd.)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)
U3 acuiehrf; C:\Windows\System32\Drivers\acuiehrf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-02 19:51 - 2015-04-02 19:51 - 00027269 _____ () C:\Users\Andy\Desktop\FRST.txt
2015-04-02 19:50 - 2015-04-02 19:51 - 00000000 ____D () C:\FRST
2015-04-02 19:49 - 2015-04-02 19:49 - 02095616 _____ (Farbar) C:\Users\Andy\Desktop\FRST64.exe
2015-04-02 19:49 - 2015-04-02 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
2015-04-02 19:03 - 2015-04-02 19:03 - 00000000 ____D () C:\AuthLog
2015-04-02 19:01 - 2015-04-02 18:31 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-04-02 18:32 - 2015-04-02 19:04 - 00055560 _____ () C:\zoek-results.log
2015-04-02 18:31 - 2015-04-02 18:56 - 00000000 ____D () C:\zoek_backup
2015-04-02 18:31 - 2015-04-02 18:31 - 01305600 _____ () C:\Users\Andy\Desktop\zoek.exe
2015-04-02 15:10 - 2015-04-02 15:12 - 00000000 ____D () C:\AdwCleaner
2015-04-02 15:09 - 2015-04-02 15:09 - 02208768 _____ () C:\Users\Andy\Desktop\adwcleaner_4.200.exe
2015-04-02 13:43 - 2015-04-02 13:43 - 00000712 _____ () C:\windows\DtcInstall.log
2015-04-02 13:34 - 2015-04-02 13:35 - 00001568 _____ () C:\windows\comsetup.log
2015-04-02 11:59 - 2015-04-02 19:03 - 00002294 _____ () C:\windows\PFRO.log
2015-04-02 11:59 - 2015-04-02 11:59 - 00432576 _____ () C:\windows\system32\FNTCACHE.DAT
2015-04-01 23:00 - 2015-04-01 23:00 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-01 22:58 - 2015-04-01 22:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-01 19:11 - 2015-04-02 19:18 - 00595998 _____ () C:\windows\WindowsUpdate.log
2015-04-01 18:39 - 2015-04-01 18:40 - 00000000 ____D () C:\rsit
2015-04-01 18:39 - 2015-04-01 18:39 - 01222144 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\trend micro
2015-04-01 18:29 - 2015-04-02 19:14 - 00388595 _____ () C:\windows\setupact.log
2015-04-01 18:29 - 2015-04-01 18:29 - 00000000 _____ () C:\windows\setuperr.log
2015-04-01 18:24 - 2015-04-01 18:44 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2015-04-01 18:20 - 2015-04-01 18:20 - 00001180 _____ () C:\Users\Andy\Desktop\TeamSpeak 3 Client.lnk
2015-04-01 18:06 - 2015-04-01 18:06 - 00000780 _____ () C:\Users\Andy\Desktop\World of Tanks (2).lnk
2015-04-01 17:57 - 2015-01-09 08:43 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-04-01 17:57 - 2015-01-09 07:03 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2015-04-01 17:57 - 2015-01-09 01:52 - 00478296 _____ () C:\windows\SysWOW64\locale.nls
2015-04-01 17:57 - 2015-01-09 01:52 - 00478296 _____ () C:\windows\system32\locale.nls
2015-04-01 14:22 - 2015-04-01 14:22 - 00001338 _____ () C:\Users\Andy\Desktop\LEGO Batman 2 DC Super Heroes-=AviaRa=-.lnk
2015-04-01 14:17 - 2015-04-01 14:17 - 00000000 ____D () C:\Program Files (x86)\Company
2015-04-01 07:25 - 2015-04-01 11:22 - 00000000 ____D () C:\Users\Andy\Downloads\LEGO Batman 2 DC Super Heroes-=AviaRa=-
2015-03-31 20:00 - 2015-04-01 07:12 - 00000000 ____D () C:\Users\Andy\Downloads\LEGO Batman 2 DC Super Heroes + Crack
2015-03-31 20:00 - 2015-03-31 22:51 - 4092090368 ____R () C:\Users\Andy\Desktop\LEGO Batman 2 DC Super Heroes + Crack.iso
2015-03-31 18:05 - 2015-03-31 18:05 - 00572928 _____ () C:\Users\Andy\Downloads\VY_52_INOVACE_01_13.ppt
2015-03-31 06:34 - 2015-03-31 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Batman 3 Beyond Gotham
2015-03-29 10:37 - 2015-03-29 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader
2015-03-26 16:34 - 2015-03-26 16:34 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-26 16:34 - 2015-03-26 16:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\TeamSpeak 3 Client
2015-03-26 16:30 - 2015-03-26 16:31 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Andy\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-03-25 22:28 - 2015-03-26 16:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-03-25 22:23 - 2015-04-02 14:39 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\TS3Client
2015-03-25 22:22 - 2015-03-25 22:22 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Andy\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2015-03-25 13:07 - 2015-03-11 07:21 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00943104 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 13:07 - 2015-03-11 07:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 13:07 - 2015-03-11 00:04 - 01107456 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-25 13:07 - 2015-03-04 09:26 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2015-03-25 13:07 - 2015-03-04 09:26 - 00467952 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2015-03-25 13:07 - 2015-03-04 09:26 - 00011105 _____ () C:\windows\system32\AutoconfigV2.cab
2015-03-25 13:07 - 2015-03-04 08:41 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2015-03-25 13:07 - 2015-03-04 08:41 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-25 13:07 - 2015-03-04 06:53 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2015-03-25 13:07 - 2015-03-04 06:53 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-18 22:35 - 2015-03-18 22:35 - 00498205 _____ () C:\Users\Andy\Downloads\Canada_(orthographic_projection).svg
2015-03-16 23:20 - 2015-01-31 15:48 - 00044024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-03-16 23:20 - 2015-01-31 07:55 - 00275712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-03-16 23:18 - 2015-02-13 01:18 - 00396419 _____ () C:\windows\system32\ApnDatabase.xml
2015-03-16 22:40 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2015-03-16 22:40 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-03-16 22:40 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-16 22:40 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-16 22:40 - 2015-02-23 11:15 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-16 22:40 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-16 22:40 - 2015-02-21 07:30 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-03-16 22:40 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-16 22:40 - 2015-02-21 07:07 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2015-03-16 22:40 - 2015-01-24 08:42 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-16 22:40 - 2015-01-24 07:00 - 00243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-16 22:39 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-16 22:39 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-16 22:39 - 2015-02-23 12:51 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-16 22:39 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-16 22:39 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-16 22:39 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-03-16 22:39 - 2015-02-21 07:31 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-16 22:39 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-16 22:39 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-16 22:39 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-16 22:39 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-16 22:39 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-03-16 22:39 - 2015-02-21 05:00 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2015-03-16 22:39 - 2015-02-20 15:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-16 22:39 - 2015-02-20 13:56 - 00366592 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-16 22:39 - 2015-02-20 10:10 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-16 22:39 - 2015-02-20 09:24 - 00304128 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-16 22:39 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-16 22:39 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-16 22:39 - 2015-01-29 10:45 - 06973248 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-16 22:39 - 2015-01-29 10:05 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-16 22:39 - 2015-01-29 08:19 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-16 22:39 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-16 22:39 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-16 22:39 - 2015-01-24 06:31 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-16 22:39 - 2015-01-20 08:41 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-16 22:39 - 2015-01-20 07:10 - 00892416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-16 22:38 - 2015-03-06 09:39 - 00588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2015-03-16 22:38 - 2015-03-06 09:39 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-16 22:38 - 2015-03-06 07:48 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2015-03-16 22:38 - 2015-03-06 07:48 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-16 22:38 - 2015-02-26 06:35 - 04063232 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-16 22:38 - 2015-02-03 01:18 - 00569712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-15 22:33 - 2015-03-15 22:33 - 00356688 _____ () C:\Users\Andy\Downloads\stažený soubor.htm
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-02 19:50 - 2014-04-04 10:17 - 00461824 ___SH () C:\Users\Andy\Downloads\Thumbs.db
2015-04-02 19:13 - 2013-12-07 23:09 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-02 19:13 - 2013-12-07 23:08 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 19:11 - 2013-12-07 23:08 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 19:09 - 2014-07-09 21:52 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-02 19:09 - 2013-12-07 23:20 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Seznam.cz
2015-04-02 19:06 - 2013-12-07 23:08 - 00003942 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-02 19:06 - 2013-12-07 23:08 - 00003706 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-02 19:03 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-02 19:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-04-02 18:58 - 2014-05-13 16:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-04-02 18:58 - 2013-12-07 22:45 - 00000000 ____D () C:\Users\Andy\AppData\Local\Google
2015-04-02 18:57 - 2013-12-07 22:31 - 00000000 ____D () C:\Users\Andy
2015-04-02 18:57 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-04-02 18:57 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-04-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration
2015-04-02 13:46 - 2014-09-18 21:26 - 00024768 _____ () C:\windows\diagwrn.xml
2015-04-02 13:46 - 2014-09-18 21:26 - 00024768 _____ () C:\windows\diagerr.xml
2015-04-02 13:46 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-04-02 13:30 - 2014-11-22 00:04 - 00000000 ___HD () C:\$Windows.~BT
2015-04-02 12:02 - 2015-01-10 11:00 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 00:56 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2015-04-01 23:00 - 2015-01-10 11:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-01 18:37 - 2014-03-22 15:36 - 00001150 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-01 18:36 - 2014-01-06 14:01 - 01510912 ___SH () C:\Users\Andy\Desktop\Thumbs.db
2015-04-01 18:32 - 2015-01-15 22:08 - 00000000 ____D () C:\Kuba-filmy
2015-04-01 18:23 - 2014-01-27 22:49 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\uTorrent
2015-04-01 18:22 - 2014-03-09 14:19 - 00000000 ____D () C:\windows\Minidump
2015-04-01 18:15 - 2015-02-14 01:44 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-01 18:15 - 2014-07-29 08:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-01 18:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-01 18:09 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2015-04-01 18:08 - 2013-12-08 10:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-01 18:06 - 2013-12-08 10:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-01 18:05 - 2015-02-11 12:58 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-01 18:05 - 2015-02-11 12:58 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-01 17:56 - 2013-12-08 01:11 - 00000000 ____D () C:\windows\system32\MRT
2015-04-01 17:50 - 2013-12-08 01:11 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-01 17:48 - 2012-07-26 07:26 - 00000250 _____ () C:\windows\win.ini
2015-04-01 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2015-04-01 06:33 - 2012-10-07 14:28 - 00727488 _____ () C:\windows\system32\perfh005.dat
2015-04-01 06:33 - 2012-10-07 14:28 - 00148006 _____ () C:\windows\system32\perfc005.dat
2015-04-01 06:33 - 2012-07-26 09:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-31 19:25 - 2015-01-04 02:51 - 00000000 ____D () C:\Program Files (x86)\The Walking Dead Survival Instinct
2015-03-31 18:17 - 2013-12-07 22:33 - 00000000 ____D () C:\Users\Andy\AppData\Local\Packages
2015-03-31 06:50 - 2014-01-28 11:57 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-03-31 06:50 - 2013-12-07 22:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-28 18:25 - 2014-06-30 13:27 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-03-28 18:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-17 06:15 - 2015-01-10 11:00 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2015-01-10 11:00 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-17 06:15 - 2015-01-10 11:00 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-14 23:37 - 2012-10-06 22:04 - 00000000 ____D () C:\ProgramData\Lenovo
2015-03-11 16:51 - 2014-05-02 19:49 - 00000023 _____ () C:\windows\clofghls.dll
2015-03-09 11:48 - 2015-02-06 17:34 - 00000501 _____ () C:\Users\Andy\Desktop\Pavla Vojta Filmy.lnk
2015-03-09 11:48 - 2015-02-06 15:28 - 00000000 ____D () C:\Pavla Vojta Filmy
2015-03-04 23:24 - 2015-02-14 01:48 - 00791496 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 23:24 - 2015-02-14 01:48 - 00177608 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 20:52 - 2014-07-27 08:34 - 00000000 ____D () C:\The KMPlayer
==================== Files in the root of some directories =======
2014-04-11 22:17 - 2014-04-11 22:23 - 4216840 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\vcredist.exe
2013-12-07 22:34 - 2014-04-29 13:02 - 0063230 _____ () C:\Users\Andy\AppData\Roaming\AbsoluteReminder.xml
2012-10-07 13:39 - 2012-10-07 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-10-07 13:59 - 2013-12-08 00:24 - 0003264 _____ () C:\ProgramData\MH_ErrorLog.txt
2012-10-07 13:51 - 2012-10-07 13:51 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2012-10-07 13:48 - 2012-10-07 13:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-07 13:49 - 2012-10-07 13:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-10-07 13:50 - 2012-10-07 13:51 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andy\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (11.16 KiB) Staženo 17 x
Re: Preventivka prosím
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-17] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-17] () HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1523200 2014-03-19] (Informer Technologies, Inc.) HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [qhzrqdoikr] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" <===== ATTENTION HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [wradwykpko] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" <===== ATTENTION HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [dnhsinhakf] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" <===== ATTENTION HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [uTorrent] => C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-02-01] (BitTorrent Inc.) HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: E - "E:\Launcher.exe" HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: {cdc655c6-8800-11e3-be81-84a6c8a8b64f} - "E:\setup.exe" HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File U3 acuiehrf; C:\Windows\System32\Drivers\acuiehrf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder) 2015-04-02 19:51 - 2015-04-02 19:51 - 00027269 _____ () C:\Users\Andy\Desktop\FRST.txt 2015-04-02 19:49 - 2015-04-02 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe 2015-04-02 19:01 - 2015-04-02 18:31 - 00024064 _____ () C:\windows\zoek-delete.exe 2015-04-02 18:32 - 2015-04-02 19:04 - 00055560 _____ () C:\zoek-results.log 2015-04-02 18:31 - 2015-04-02 18:56 - 00000000 ____D () C:\zoek_backup 2015-04-02 18:31 - 2015-04-02 18:31 - 01305600 _____ () C:\Users\Andy\Desktop\zoek.exe 2015-04-02 15:10 - 2015-04-02 15:12 - 00000000 ____D () C:\AdwCleaner 2015-04-02 15:09 - 2015-04-02 15:09 - 02208768 _____ () C:\Users\Andy\Desktop\adwcleaner_4.200.exe 2015-04-02 13:43 - 2015-04-02 13:43 - 00000712 _____ () C:\windows\DtcInstall.log 2015-04-02 13:34 - 2015-04-02 13:35 - 00001568 _____ () C:\windows\comsetup.log 2015-04-02 11:59 - 2015-04-02 19:03 - 00002294 _____ () C:\windows\PFRO.log 2015-04-01 18:39 - 2015-04-01 18:40 - 00000000 ____D () C:\rsit 2015-04-01 18:39 - 2015-04-01 18:39 - 01222144 _____ () C:\Users\Andy\Downloads\RSITx64.exe 2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\trend micro 2015-04-01 18:29 - 2015-04-02 19:14 - 00388595 _____ () C:\windows\setupact.log 2015-04-01 18:29 - 2015-04-01 18:29 - 00000000 _____ () C:\windows\setuperr.log 2015-04-01 22:58 - 2015-04-01 22:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe 2012-10-07 13:59 - 2013-12-08 00:24 - 0003264 _____ () C:\ProgramData\MH_ErrorLog.txt 2012-10-07 13:51 - 2012-10-07 13:51 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log 2012-10-07 13:48 - 2012-10-07 13:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-10-07 13:49 - 2012-10-07 13:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2012-10-07 13:50 - 2012-10-07 13:51 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1 AlternateDataStreams: C:\ProgramData\Temp:56E2E879 Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Jakub at 2015-04-02 20:03:25 Run:1
Running from C:\Users\Andy\Desktop
Loaded Profiles: Jakub (Available profiles: Jakub)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-17] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1523200 2014-03-19] (Informer Technologies, Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [qhzrqdoikr] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [wradwykpko] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [dnhsinhakf] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [uTorrent] => C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-02-01] (BitTorrent Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: E - "E:\Launcher.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: {cdc655c6-8800-11e3-be81-84a6c8a8b64f} - "E:\setup.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
U3 acuiehrf; C:\Windows\System32\Drivers\acuiehrf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
2015-04-02 19:51 - 2015-04-02 19:51 - 00027269 _____ () C:\Users\Andy\Desktop\FRST.txt
2015-04-02 19:49 - 2015-04-02 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
2015-04-02 19:01 - 2015-04-02 18:31 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-04-02 18:32 - 2015-04-02 19:04 - 00055560 _____ () C:\zoek-results.log
2015-04-02 18:31 - 2015-04-02 18:56 - 00000000 ____D () C:\zoek_backup
2015-04-02 18:31 - 2015-04-02 18:31 - 01305600 _____ () C:\Users\Andy\Desktop\zoek.exe
2015-04-02 15:10 - 2015-04-02 15:12 - 00000000 ____D () C:\AdwCleaner
2015-04-02 15:09 - 2015-04-02 15:09 - 02208768 _____ () C:\Users\Andy\Desktop\adwcleaner_4.200.exe
2015-04-02 13:43 - 2015-04-02 13:43 - 00000712 _____ () C:\windows\DtcInstall.log
2015-04-02 13:34 - 2015-04-02 13:35 - 00001568 _____ () C:\windows\comsetup.log
2015-04-02 11:59 - 2015-04-02 19:03 - 00002294 _____ () C:\windows\PFRO.log
2015-04-01 18:39 - 2015-04-01 18:40 - 00000000 ____D () C:\rsit
2015-04-01 18:39 - 2015-04-01 18:39 - 01222144 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\trend micro
2015-04-01 18:29 - 2015-04-02 19:14 - 00388595 _____ () C:\windows\setupact.log
2015-04-01 18:29 - 2015-04-01 18:29 - 00000000 _____ () C:\windows\setuperr.log
2015-04-01 22:58 - 2015-04-01 22:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2012-10-07 13:59 - 2013-12-08 00:24 - 0003264 _____ () C:\ProgramData\MH_ErrorLog.txt
2012-10-07 13:51 - 2012-10-07 13:51 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2012-10-07 13:48 - 2012-10-07 13:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-07 13:49 - 2012-10-07 13:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-10-07 13:50 - 2012-10-07 13:51 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Software Informer => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\qhzrqdoikr => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\wradwykpko => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\dnhsinhakf => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
"HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
"HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdc655c6-8800-11e3-be81-84a6c8a8b64f}" => Key deleted successfully.
HKCR\CLSID\{cdc655c6-8800-11e3-be81-84a6c8a8b64f} => Key not found.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
acuiehrf => Service deleted successfully.
C:\Users\Andy\Desktop\FRST.txt => Moved successfully.
C:\Users\Andy\Desktop\FRSTLauncher.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Andy\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Andy\Desktop\adwcleaner_4.200.exe => Moved successfully.
C:\windows\DtcInstall.log => Moved successfully.
C:\windows\comsetup.log => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Andy\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\ProgramData\MH_ErrorLog.txt => Moved successfully.
C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log => Moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => Moved successfully.
C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log => Moved successfully.
C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\DriverToolkit Autorun.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ => ":1" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 370.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 20:04:25 ====
Ran by Jakub at 2015-04-02 20:03:25 Run:1
Running from C:\Users\Andy\Desktop
Loaded Profiles: Jakub (Available profiles: Jakub)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andy\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-17] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1523200 2014-03-19] (Informer Technologies, Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [qhzrqdoikr] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\qhzrqdoikr.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [wradwykpko] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\wradwykpko.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [dnhsinhakf] => wscript.exe //B "C:\Users\Andy\AppData\Local\Temp\dnhsinhakf.vbs" <===== ATTENTION
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\Run: [uTorrent] => C:\Users\Andy\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-02-01] (BitTorrent Inc.)
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: E - "E:\Launcher.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\...\MountPoints2: {cdc655c6-8800-11e3-be81-84a6c8a8b64f} - "E:\setup.exe"
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
U3 acuiehrf; C:\Windows\System32\Drivers\acuiehrf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
2015-04-02 19:51 - 2015-04-02 19:51 - 00027269 _____ () C:\Users\Andy\Desktop\FRST.txt
2015-04-02 19:49 - 2015-04-02 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Andy\Desktop\FRSTLauncher.exe
2015-04-02 19:01 - 2015-04-02 18:31 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-04-02 18:32 - 2015-04-02 19:04 - 00055560 _____ () C:\zoek-results.log
2015-04-02 18:31 - 2015-04-02 18:56 - 00000000 ____D () C:\zoek_backup
2015-04-02 18:31 - 2015-04-02 18:31 - 01305600 _____ () C:\Users\Andy\Desktop\zoek.exe
2015-04-02 15:10 - 2015-04-02 15:12 - 00000000 ____D () C:\AdwCleaner
2015-04-02 15:09 - 2015-04-02 15:09 - 02208768 _____ () C:\Users\Andy\Desktop\adwcleaner_4.200.exe
2015-04-02 13:43 - 2015-04-02 13:43 - 00000712 _____ () C:\windows\DtcInstall.log
2015-04-02 13:34 - 2015-04-02 13:35 - 00001568 _____ () C:\windows\comsetup.log
2015-04-02 11:59 - 2015-04-02 19:03 - 00002294 _____ () C:\windows\PFRO.log
2015-04-01 18:39 - 2015-04-01 18:40 - 00000000 ____D () C:\rsit
2015-04-01 18:39 - 2015-04-01 18:39 - 01222144 _____ () C:\Users\Andy\Downloads\RSITx64.exe
2015-04-01 18:39 - 2015-04-01 18:39 - 00000000 ____D () C:\Program Files\trend micro
2015-04-01 18:29 - 2015-04-02 19:14 - 00388595 _____ () C:\windows\setupact.log
2015-04-01 18:29 - 2015-04-01 18:29 - 00000000 _____ () C:\windows\setuperr.log
2015-04-01 22:58 - 2015-04-01 22:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2012-10-07 13:59 - 2013-12-08 00:24 - 0003264 _____ () C:\ProgramData\MH_ErrorLog.txt
2012-10-07 13:51 - 2012-10-07 13:51 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2012-10-07 13:48 - 2012-10-07 13:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-07 13:49 - 2012-10-07 13:50 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-10-07 13:50 - 2012-10-07 13:51 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Software Informer => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\qhzrqdoikr => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\wradwykpko => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\dnhsinhakf => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
"HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
"HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdc655c6-8800-11e3-be81-84a6c8a8b64f}" => Key deleted successfully.
HKCR\CLSID\{cdc655c6-8800-11e3-be81-84a6c8a8b64f} => Key not found.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1582357562-1760955146-2745679186-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
acuiehrf => Service deleted successfully.
C:\Users\Andy\Desktop\FRST.txt => Moved successfully.
C:\Users\Andy\Desktop\FRSTLauncher.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Andy\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Andy\Desktop\adwcleaner_4.200.exe => Moved successfully.
C:\windows\DtcInstall.log => Moved successfully.
C:\windows\comsetup.log => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Andy\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\ProgramData\MH_ErrorLog.txt => Moved successfully.
C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log => Moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => Moved successfully.
C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log => Moved successfully.
C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\DriverToolkit Autorun.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ => ":1" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 370.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 20:04:25 ====
Re: Preventivka prosím
Jak se chova PC???
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Abych vám pravdu řekl, tak jde poznat zlepšení. Lepší výkon při hře i se míň zahřívá.. A start je rychlejší...
Re: Preventivka prosím
Tak jeste uklidime 
DelFix https://toolslib.net/downloads/finish/2/
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
DelFix https://toolslib.net/downloads/finish/2/
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remote disinfection tools
- Kliknete na Run
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standardPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka prosím
Sice do ještě není dokončeno, ale chci vám moc poděkovat, protože jste mi asi zachránili notebook... Během příštího týdne bych vám rád poslal nějaký dík...sice to nebude moc ale aspoň to málo co si můžu dovolit vám pošlu na váš účet jen ať víte....mějte se a přeji pohodový víkend...
Přispějete na provoz fóra?