Ahoj, vkládám FRST log a do přílohy dávám Addition. Prosím o kontrolu...díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Petra (administrator) on PETRA-PC (01-10-2015 18:59:08)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Somoto LTD) C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Somoto LTD) C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(HDPlus-01TotalV21.09) C:\Program Files (x86)\TotalPlus01-3.1V21.09\9d49669d-134c-4583-a8ad-a116825ab887.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(FileProperties_CompanyName) C:\Program Files (x86)\dress4u\dress4u_notification_service.exe
() C:\Program Files (x86)\TheTorntv V10\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc.exe
() C:\Program Files (x86)\Crazy Shopperama\crazy_shopperama_helper_service.exe
() C:\Program Files (x86)\Max Deal\max_deal_helper_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\PLFSetI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Somoto) C:\Users\Petra\AppData\Local\FilesFrog Update Checker\update_checker.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
() C:\Users\Petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\Application\BgPageServer.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpSystemStatusCheck.exe
(forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7940128 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [489472 2009-08-20] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-03] ()
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1191432 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-04] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [SDP] => C:\Users\Petra\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [3950384 2013-10-24] ()
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [FLV Player] => C:\Users\Petra\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Petra\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [TornTv Downloader] => C:\Users\Petra\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Only-search] => C:\Users\Petra\AppData\Local\onlysearch\onlysearch\1.3.20.7\onlysearch.exe
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [247056 2015-08-16] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [219920 2015-08-16] (Client Connect LTD)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies App\SafetyNut\safetycrt.dll [493776 2014-12-15] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies App\SafetyNut\x64\safetycrt.dll [669392 2014-12-15] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2013-12-04] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-09-04]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-11-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-09-21]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{01960AB4-79F8-4BA5-AD01-1CB3C624A2FB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F131376F-ED36-48CF-AF13-76D499909E85}: [DhcpNameServer] 10.0.0.2
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://istart.webssearches.com/?type=hp&ts=1411333116&from=irs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXD0A991798917989
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://istart.webssearches.com/?type=hp&ts=1411333116&from=irs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXD0A991798917989
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1411333116&from=irs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXD0A991798917989
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1411333116&from=irs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXD0A991798917989
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN18222949402851197&UM=1&ctid=CT1750559&SSPV=
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1411333116&from=irs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXD0A991798917989
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4919
URLSearchHook: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Petra\AppData\LocalLow\uTorrentBar\prxtbuTo1.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-161823599-738129010-2060771426-1000 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Petra\AppData\LocalLow\uTorrentBar\prxtbuTo1.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a15005-329&apn_uid=5804000725224469&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a15005-329&apn_uid=5804000725224469&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.only-search.com/?q={searchTerms}&ba ... t&tsp=5378
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {476795EB-7647-4463-A8C5-FAEA15F0EEFC} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN18222949402851197&UM=1
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {4A720000-424D-40a9-A87E-3EBD3E7536CA} URL = hxxp://search.passwordbox.com/?install_time=20130528024844&sub_id=softonic_s_ppi&browser=msie&search_term={searchTerms}
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a15005-329&apn_uid=5804000725224469&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ360
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {B76E7A85-7322-428b-AB33-19A6A5FD1E73} URL = hxxp://www.bsplayer-search.com/search?q={searchTerms}
BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO: TheTorntv V10 -> {11111111-1111-1111-1111-110611331111} -> C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll [2014-09-21] (esc)
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-04] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: TheTorntv V10 -> {11111111-1111-1111-1111-110611331111} -> C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll [2014-09-21] (esc)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Users\Petra\AppData\LocalLow\uTorrentBar\prxtbuTo1.dll [2014-03-26] (ClientConnect Ltd.)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll [2013-05-20] (Delta-search.com)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-04] (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] ()
Toolbar: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Petra\AppData\LocalLow\uTorrentBar\prxtbuTo1.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
Toolbar: HKLM-x32 - PasswordBox - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll [2013-05-20] (Delta-search.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-21] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-21] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-23]
Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Movies App) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-04-27]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (DivX HiQ) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-03-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09]
CHR Extension: (AdBlock) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-03-13]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR Extension: (Extutil) - C:\Users\Petra\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-09-21]
CHR Extension: (Managera) - C:\Users\Petra\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\Petra\AppData\Local\somotomoviestoolbar181\GC\toolbar.crx [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
StartMenuInternet: Google Chrome - C:\Users\Petra\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (TotalPlus01-3.1V21.09) - C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-09-21]
OPR Extension: (TheTorntvs V10 1.1) - C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmijnggdaadccmmmoofgdcaikjmkiglk [2014-09-24]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-04] (AVAST Software)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3240208 2015-08-16] (Client Connect LTD)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [787968 2009-08-20] (Acer Incorporated) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-21] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-21] (globalUpdate) [File not signed] <==== ATTENTION
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.) <==== ATTENTION
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 SafetyNutManager; C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe [3574480 2014-12-15] (Somoto LTD)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-11-02] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [X]
S3 McSysmon; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-04] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-04] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies App\SafetyNut\x64\configmgrc3.cfg [46160 2014-12-15] (Somoto LTD)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 18:37 - 2015-10-01 19:02 - 00033595 _____ C:\Users\Petra\Desktop\FRST.txt
2015-10-01 18:37 - 2015-10-01 18:59 - 00000000 ____D C:\FRST
2015-10-01 18:23 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
2015-10-01 18:07 - 2015-10-01 18:08 - 02192384 _____ (Farbar) C:\Users\Petra\Desktop\FRST64.exe
2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe
2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe
2015-10-01 17:37 - 2015-10-01 17:38 - 10554352 _____ C:\Users\Petra\Downloads\bsplayer269.1079.exe
2015-10-01 17:24 - 2015-10-01 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-10-01 17:21 - 2015-10-01 17:21 - 00000000 ___RD C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2015-09-30 17:57 - 2015-09-30 17:58 - 03393608 _____ (Lucky Driver LLC) C:\Users\Petra\Downloads\House_of_Cards_S01e09Mux_-_XviD_-_Ita_Eng_Mp3_-_Sub_Ita_EngTNT_downloader.exe
2015-09-30 17:56 - 2015-09-30 17:56 - 01588386 _____ C:\Users\Petra\Downloads\House.of.Cards.S01e09[Mux.ace
2015-09-10 11:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-10 11:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-09 21:40 - 2015-09-09 21:50 - 00000000 ____D C:\Users\Petra\Desktop\Bones
2015-09-09 21:37 - 2015-09-09 21:44 - 00000000 ____D C:\Users\Petra\Desktop\21 Jump Street (2012) [1080p]
2015-09-08 23:57 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 23:57 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 23:57 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 23:57 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 23:57 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-08 23:57 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 23:56 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 23:56 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 23:56 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 23:56 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 23:56 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 23:56 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 23:56 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-08 23:56 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-08 23:56 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 23:56 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-08 23:56 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 23:56 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-08 23:56 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-08 23:56 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 23:56 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-08 23:56 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 23:56 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 23:56 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 23:56 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-08 23:55 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 23:55 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 23:55 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 23:55 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 23:55 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 23:55 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 23:55 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 23:55 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 23:55 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-08 23:55 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-08 23:55 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-08 23:55 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-08 23:55 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-08 23:55 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-08 23:55 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-08 23:55 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-08 23:55 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 23:55 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-08 23:55 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-08 23:55 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-08 23:55 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-08 23:54 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-08 23:54 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-08 23:54 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 23:54 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 23:54 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 23:54 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 23:54 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 23:53 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-08 23:53 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 23:53 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 23:53 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-08 23:52 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 21:52 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 21:52 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 21:52 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 21:52 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 21:52 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 21:52 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-07 21:51 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-07 21:49 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 21:49 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-07 21:49 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-07 20:31 - 2015-09-07 22:09 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x04
2015-09-07 20:31 - 2015-09-07 20:36 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x03
2015-09-07 20:31 - 2015-09-07 20:31 - 00000000 ____D C:\Users\Petra\AppData\Local\bvxvbxvd
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 19:28 - 2015-04-15 11:28 - 00001296 _____ C:\Windows\Tasks\dress4u_notification_service.job
2015-10-01 19:24 - 2014-09-21 23:19 - 00003470 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-6.job
2015-10-01 19:12 - 2015-05-29 13:12 - 00000490 _____ C:\Windows\Tasks\max_deal_helper_service.job
2015-10-01 19:12 - 2014-09-21 23:07 - 00003454 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-6.job
2015-10-01 18:50 - 2015-05-29 18:50 - 00000538 _____ C:\Windows\Tasks\crazy_shopperama_helper_service.job
2015-10-01 18:49 - 2010-03-08 14:45 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 18:48 - 2011-02-14 14:36 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job
2015-10-01 18:18 - 2015-01-05 23:19 - 00000000 ____D C:\ProgramData\SafetyNut
2015-10-01 17:52 - 2010-01-03 17:06 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2015-10-01 17:40 - 2013-03-15 03:24 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-10-01 17:40 - 2013-03-15 03:24 - 00000977 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-10-01 17:38 - 2009-11-03 18:48 - 01280505 _____ C:\Windows\WindowsUpdate.log
2015-10-01 17:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-01 17:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-01 17:26 - 2014-09-21 23:14 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411334032
2015-10-01 17:26 - 2014-09-21 23:13 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 17:22 - 2014-09-21 23:21 - 00002446 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-5_user.job
2015-10-01 17:22 - 2014-09-21 23:07 - 00000992 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-01 17:21 - 2015-04-15 12:28 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-01 17:21 - 2015-04-15 11:28 - 00000658 _____ C:\Windows\Tasks\dress4u_updating_service.job
2015-10-01 17:21 - 2014-09-21 23:21 - 00002446 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-5.job
2015-10-01 17:21 - 2014-09-21 23:21 - 00001482 _____ C:\Windows\Tasks\9d49669d-134c-4583-a8ad-a116825ab887.job
2015-10-01 17:21 - 2014-09-21 23:20 - 00003814 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-4.job
2015-10-01 17:21 - 2014-09-21 23:20 - 00002786 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-1.job
2015-10-01 17:21 - 2014-09-21 23:19 - 00003470 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-7.job
2015-10-01 17:21 - 2014-09-21 23:19 - 00000648 _____ C:\Windows\Tasks\6aa67665-f868-4eb8-a5d9-4bb93d419510.job
2015-10-01 17:21 - 2014-09-21 23:18 - 00004496 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-11.job
2015-10-01 17:21 - 2014-09-21 23:17 - 00003814 _____ C:\Windows\Tasks\55d88d94-6b9b-4c81-bb2c-9653d27581f8-3.job
2015-10-01 17:21 - 2014-09-21 23:10 - 00002430 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-5_user.job
2015-10-01 17:21 - 2014-09-21 23:10 - 00002430 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-5.job
2015-10-01 17:21 - 2014-09-21 23:09 - 00001384 _____ C:\Windows\Tasks\c4d27c93-3dc5-42f6-8655-3e8977ad7381.job
2015-10-01 17:21 - 2014-09-21 23:08 - 00004142 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-4.job
2015-10-01 17:21 - 2014-09-21 23:08 - 00002754 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-1.job
2015-10-01 17:21 - 2014-09-21 23:07 - 00004480 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-11.job
2015-10-01 17:21 - 2014-09-21 23:07 - 00003118 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-7.job
2015-10-01 17:21 - 2014-09-21 23:07 - 00003118 _____ C:\Windows\Tasks\43cc8831-6f77-411c-8874-7963182a57f1-3.job
2015-10-01 17:21 - 2014-09-21 23:07 - 00000988 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-10-01 17:21 - 2014-09-21 23:07 - 00000550 _____ C:\Windows\Tasks\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc.job
2015-10-01 17:21 - 2010-03-08 14:45 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 17:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-01 17:17 - 2009-07-14 06:51 - 00125518 _____ C:\Windows\setupact.log
2015-09-30 20:48 - 2011-02-14 14:36 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job
2015-09-30 17:59 - 2011-06-05 19:55 - 00000000 ____D C:\Users\Petra\AppData\Roaming\BitTorrent
2015-09-30 17:47 - 2011-02-14 14:38 - 00002388 _____ C:\Users\Petra\Desktop\Google Chrome.lnk
2015-09-30 01:10 - 2013-05-28 02:48 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2015-09-23 10:59 - 2012-10-01 20:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-22 20:58 - 2009-11-03 19:38 - 00669132 _____ C:\Windows\system32\perfh005.dat
2015-09-22 20:58 - 2009-11-03 19:38 - 00141760 _____ C:\Windows\system32\perfc005.dat
2015-09-22 20:58 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-21 20:44 - 2010-03-08 14:45 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 20:44 - 2010-03-08 14:45 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 20:43 - 2011-02-14 14:36 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA
2015-09-21 20:43 - 2011-02-14 14:36 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core
2015-09-15 21:40 - 2009-09-04 07:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 12:11 - 2009-07-14 06:45 - 00334536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 12:07 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 12:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:26 - 2013-08-14 01:15 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 22:27 - 2014-12-16 02:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-08 22:27 - 2014-05-08 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-08 22:26 - 2009-09-04 08:02 - 01000048 _____ C:\Windows\PFRO.log
2015-09-07 23:34 - 2013-03-14 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 20:45 - 2013-02-13 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-07 20:31 - 2014-09-21 21:47 - 00000000 ____D C:\Program Files (x86)\SearchProtect
==================== Files in the root of some directories =======
2009-09-04 07:34 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-12-08 17:25 - 2014-11-23 22:48 - 0000000 _____ () C:\Users\Petra\AppData\Roaming\bibstats
2011-07-27 21:32 - 2011-07-27 21:33 - 0000000 _____ () C:\Users\Petra\AppData\Local\{9C866B05-B335-4D28-9FB3-F6809F729EAE}
2009-09-04 07:35 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
Some files in TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\5132.exe
C:\Users\Petra\AppData\Local\Temp\63285_updater.exe
C:\Users\Petra\AppData\Local\Temp\63311_updater.exe
C:\Users\Petra\AppData\Local\Temp\bitool.dll
C:\Users\Petra\AppData\Local\Temp\CloudBackup6338.exe
C:\Users\Petra\AppData\Local\Temp\clp1.exe
C:\Users\Petra\AppData\Local\Temp\DeltaTB.exe
C:\Users\Petra\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Petra\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Petra\AppData\Local\Temp\GLF397B.tmp.ConduitEngineSetup.exe
C:\Users\Petra\AppData\Local\Temp\GURE1B0.exe
C:\Users\Petra\AppData\Local\Temp\iet32E1.tmp.exe
C:\Users\Petra\AppData\Local\Temp\iu2qzfcd.nyy.exe
C:\Users\Petra\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\Petra\AppData\Local\Temp\onlysetup.exe
C:\Users\Petra\AppData\Local\Temp\passwordbox_setup.exe
C:\Users\Petra\AppData\Local\Temp\PCPerformerSetup.exe
C:\Users\Petra\AppData\Local\Temp\res.dll
C:\Users\Petra\AppData\Local\Temp\run.exe
C:\Users\Petra\AppData\Local\Temp\Runner.exe
C:\Users\Petra\AppData\Local\Temp\Setup.exe
C:\Users\Petra\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Petra\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Petra\AppData\Local\Temp\uninst1.exe
C:\Users\Petra\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Petra\AppData\Local\Temp\utt9C53.tmp.exe
C:\Users\Petra\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Petra\AppData\Local\Temp\WeatherBugSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petra\Desktop" je 189045 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakující okna, samonačítání stránek po clicknutí do okna
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Vyskakující okna, samonačítání stránek po clicknutí do okna
- Přílohy
-
- Addition.rar
- (5.42 KiB) Staženo 104 x
Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner[C?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Ahoj, posílám požadovaný log...
# AdwCleaner v5.009 - Logfile created 02/10/2015 at 12:08:53
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Petra - PETRA-PC
# Running from : C:\Users\Petra\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[!] Service Not Deleted : CltMngSvc
[!] Service Not Deleted : SafetyNutManager
[!] Service Not Deleted : SPPD
[!] Service Not Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
***** [ Folders ] *****
[#] Folder Deleted : C:\Program Files (x86)\Movies App
[#] Folder Deleted : C:\Program Files (x86)\SearchProtect
[#] Folder Deleted : C:\ProgramData\SafetyNut
[#] Folder Deleted : C:\Users\Petra\AppData\Local\SearchProtect
***** [ Files ] *****
[-] File Deleted : C:\Windows\apppatch\apppatch64\vcldr64.dll
[-] File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] File Deleted : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
[-] File Deleted : C:\Windows\AppPatch\nbin\VC32Loader.dll
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : EPUpdater
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : LaunchSignup
[-] Task Deleted : avaavxvyex
[-] Task Deleted : dress4u_updating_service
[-] Task Deleted : dress4u_notification_service
[-] Task Deleted : bvxvdxvx
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-1
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-11
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-3
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-4
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5_user
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-6
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-7
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-1
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-11
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-3
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-4
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5_user
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-6
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-7
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-1
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-11
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-3
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-4
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5_user
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-6
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-7
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-1
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-11
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-3
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-4
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5_user
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-6
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-7
[-] Task Deleted : crazy_shopperama_helper_service
[-] Task Deleted : dress4u_notification_service
[-] Task Deleted : dress4u_updating_service
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : max_deal_helper_service
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FLV Player]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Only-search]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKLM\SOFTWARE\Classes\d
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard
[-] Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\SDP
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheTorntv V10-bg.exe]
[-] Key Deleted : HKCU\Software\5de8adcbc69e542
[-] Key Deleted : HKLM\SOFTWARE\264771a7-49ed-4082-8712-e7e8720c921f
[-] Key Deleted : HKLM\SOFTWARE\5de8adcbc69e542
[-] Key Deleted : HKLM\SOFTWARE\965b998f-a348-46a1-8d10-bbfcad458a08
[-] Key Deleted : HKLM\SOFTWARE\9a8a8512-6176-4656-b209-f97bfe8207a6
[-] Key Deleted : HKLM\SOFTWARE\e320ef18-f046-4ab8-bec8-9d17084a87de
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37785935-74fd-4cb8-85ad-7ea8639a3d41}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37785935-74fd-4cb8-85ad-7ea8639a3d41}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc}
[-] Key Deleted : HKU\.DEFAULT\Software\TornTv Downloader
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheTorntv V10
[-] Key Deleted : HKCU\Software\1ClickDownload
[-] Key Deleted : HKCU\Software\APNDTX
[-] Key Deleted : HKCU\Software\BABSOLUTION
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[+] Key Deleted : HKCU\Software\DataMngr_Toolbar
[-] Key Deleted : HKCU\Software\Delta
[-] Key Deleted : HKCU\Software\filescout
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SafetyNut
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Somoto
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\Webplayer
[-] Key Deleted : HKCU\Software\TornTv Downloader
[-] Key Deleted : HKCU\Software\Video Player
[!] Key Not Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
[-] Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\Delta
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\SafetyNut
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\TheTorntv V10
[-] Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM
[!] Key Not Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[!] Key Not Deleted : [x64] HKCU\Software\1ClickDownload
[!] Key Not Deleted : [x64] HKCU\Software\APNDTX
[!] Key Not Deleted : [x64] HKCU\Software\BABSOLUTION
[!] Key Not Deleted : [x64] HKCU\Software\BI
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\DataMngr
[!] Key Not Deleted : [x64] HKCU\Software\DataMngr_Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Delta
[!] Key Not Deleted : [x64] HKCU\Software\filescout
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\SafetyNut
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\Somoto
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : [x64] HKCU\Software\Webplayer
[!] Key Not Deleted : [x64] HKCU\Software\TornTv Downloader
[!] Key Not Deleted : [x64] HKCU\Software\Video Player
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\BackgroundContainer
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\ConduitSearchScopes
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\PriceGong
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Data Not Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
***** [ Web browsers ] *****
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mkv-player.en.softonic.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : dts.search.ask.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : webssearches
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaimdcedbpbcjjbbnfcbbjcngmomic
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [35508 bytes] ##########
# AdwCleaner v5.009 - Logfile created 02/10/2015 at 12:08:53
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Petra - PETRA-PC
# Running from : C:\Users\Petra\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[!] Service Not Deleted : CltMngSvc
[!] Service Not Deleted : SafetyNutManager
[!] Service Not Deleted : SPPD
[!] Service Not Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
***** [ Folders ] *****
[#] Folder Deleted : C:\Program Files (x86)\Movies App
[#] Folder Deleted : C:\Program Files (x86)\SearchProtect
[#] Folder Deleted : C:\ProgramData\SafetyNut
[#] Folder Deleted : C:\Users\Petra\AppData\Local\SearchProtect
***** [ Files ] *****
[-] File Deleted : C:\Windows\apppatch\apppatch64\vcldr64.dll
[-] File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] File Deleted : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
[-] File Deleted : C:\Windows\AppPatch\nbin\VC32Loader.dll
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : EPUpdater
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : LaunchSignup
[-] Task Deleted : avaavxvyex
[-] Task Deleted : dress4u_updating_service
[-] Task Deleted : dress4u_notification_service
[-] Task Deleted : bvxvdxvx
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-1
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-11
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-3
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-4
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5_user
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-6
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-7
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-1
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-11
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-3
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-4
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5_user
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-6
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-7
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-1
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-11
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-3
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-4
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-5_user
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-6
[-] Task Deleted : 43cc8831-6f77-411c-8874-7963182a57f1-7
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-1
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-11
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-3
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-4
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-5_user
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-6
[-] Task Deleted : 55d88d94-6b9b-4c81-bb2c-9653d27581f8-7
[-] Task Deleted : crazy_shopperama_helper_service
[-] Task Deleted : dress4u_notification_service
[-] Task Deleted : dress4u_updating_service
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : max_deal_helper_service
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FLV Player]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Only-search]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKLM\SOFTWARE\Classes\d
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard
[-] Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\SDP
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheTorntv V10-bg.exe]
[-] Key Deleted : HKCU\Software\5de8adcbc69e542
[-] Key Deleted : HKLM\SOFTWARE\264771a7-49ed-4082-8712-e7e8720c921f
[-] Key Deleted : HKLM\SOFTWARE\5de8adcbc69e542
[-] Key Deleted : HKLM\SOFTWARE\965b998f-a348-46a1-8d10-bbfcad458a08
[-] Key Deleted : HKLM\SOFTWARE\9a8a8512-6176-4656-b209-f97bfe8207a6
[-] Key Deleted : HKLM\SOFTWARE\e320ef18-f046-4ab8-bec8-9d17084a87de
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37785935-74fd-4cb8-85ad-7ea8639a3d41}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37785935-74fd-4cb8-85ad-7ea8639a3d41}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc}
[-] Key Deleted : HKU\.DEFAULT\Software\TornTv Downloader
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheTorntv V10
[-] Key Deleted : HKCU\Software\1ClickDownload
[-] Key Deleted : HKCU\Software\APNDTX
[-] Key Deleted : HKCU\Software\BABSOLUTION
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[+] Key Deleted : HKCU\Software\DataMngr_Toolbar
[-] Key Deleted : HKCU\Software\Delta
[-] Key Deleted : HKCU\Software\filescout
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SafetyNut
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Somoto
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\Webplayer
[-] Key Deleted : HKCU\Software\TornTv Downloader
[-] Key Deleted : HKCU\Software\Video Player
[!] Key Not Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
[-] Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\Delta
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\SafetyNut
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\TheTorntv V10
[-] Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM
[!] Key Not Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[!] Key Not Deleted : [x64] HKCU\Software\1ClickDownload
[!] Key Not Deleted : [x64] HKCU\Software\APNDTX
[!] Key Not Deleted : [x64] HKCU\Software\BABSOLUTION
[!] Key Not Deleted : [x64] HKCU\Software\BI
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\DataMngr
[!] Key Not Deleted : [x64] HKCU\Software\DataMngr_Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Delta
[!] Key Not Deleted : [x64] HKCU\Software\filescout
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\SafetyNut
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\Somoto
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : [x64] HKCU\Software\Webplayer
[!] Key Not Deleted : [x64] HKCU\Software\TornTv Downloader
[!] Key Not Deleted : [x64] HKCU\Software\Video Player
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\BackgroundContainer
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\ConduitSearchScopes
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\PriceGong
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\BackgroundContainerV2
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\TheTorntv V10
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Data Not Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{476795EB-7647-4463-A8C5-FAEA15F0EEFC}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4A720000-424D-40a9-A87E-3EBD3E7536CA}
[!] Key Not Deleted : HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
***** [ Web browsers ] *****
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mkv-player.en.softonic.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : dts.search.ask.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : webssearches
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaimdcedbpbcjjbbnfcbbjcngmomic
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [35508 bytes] ##########
Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Zoek.exe v5.0.0.1 Updated 30-09-2015
Tool run by Petra on p 02.10.2015 at 13:50:26,09.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petra\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2.10.2015 14:22:19 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Petra\AppData\Roaming\.# deleted successfully
C:\Users\Petra\AppData\Roaming\ImperiaOnline deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10511023-76D-4278-9655-27FC1E3B152} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11A8C9A9-986D-4389-BEB3-6F3205457B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{123C8561-DE4B-4527-97CA-295440FCF40} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160EA218-CCDC-4E70-B5AD-BA573A84B22} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FA7007-6A0E-46DF-AB10-D19B7AE4998A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1782A90D-8C6C-4423-B7AA-3B3A0EB78BE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18C1E697-7D05-47C5-9743-4DBE83746288} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B76D34-6491-4E7D-808D-7B47837A4F4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C5B13C2-8916-47DF-89C7-080EA6516B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CFED23A-34A6-4131-8D35-1B71D642AF64} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6183B3-28EC-4BD0-90D5-BB38609FAF2A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{220F9966-A4D6-4525-9F2E-3D088204269} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24F94A-EB31-4145-8BD8-49CA6C5AAADA} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26A0D68-1A5F-4DA6-8093-2564AE4362D1} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26BF7ED1-5FB4-4B54-833C-17E2E4DD35A0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27A12ED5-D8C7-48AA-BDA1-4CF35E3B279} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{287FE855-7DA9-4DC1-8CD2-A7552C961DE6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29A91CAB-9647-483F-AC2D-2358A6621A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C315475-3E38-413C-A25D-B244FD4969BE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3111212F-70AF-4EDD-943-52B25CFCC7C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34BF3B55-143E-4508-93CC-B73B11729C93} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{356D44EA-29DA-435A-A2D3-76F06E7D6E7D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37ADF14F-6A02-4C57-90F5-1F606491AADD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{385F765F-772D-43B0-90C7-1833B86A7DB6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A9156FB-7BB7-4AC0-9D12-CFC732637A84} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AC9ABEC-4882-4F55-8E8D-6C189C91FE5A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C5F954E-177-42BC-8315-FC529109E7E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CD95180-DEB5-498E-9114-5E9D795EFC3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D1BE1EB-ABCA-46AC-9DDE-E0C4F16E0A4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DA38384-C456-4824-BA88-8D92D7719A6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F27E1BD-B6C2-4A9E-BB57-3045E9256C6C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F59648C-8CF6-42C2-A443-9E2856BC5BC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F713013-80B5-44F1-9C67-D5C17EC2BD53} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40308FFD-78D8-483D-A84E-F5BC675D95F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41D86FED-434E-4B81-9A62-3969D9E89B4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42F3CD42-4C39-4FBA-BB82-5FF298E1134} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{469C556F-8286-45A7-A5F5-1392926755EC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4875B83A-C35C-43FE-A7B3-27809CEAA3D0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{490EE0E2-B508-4872-8766-E380BA4DD8B4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{494A200C-5B09-4BFF-8483-A26A43F3AC77} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AFE7EB7-1FF-4D42-A274-5F83EF5F2982} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BBEB88B-78E9-480F-9273-7FBCB3743E1E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A87116-6EC3-49D0-86D4-C2AA7E420E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53B3ADB3-BCB9-499C-A06F-EB4D74F778E7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A029BE9-DACA-4108-B13-73DC54C0D0D4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B8EDB25-2855-4E41-873C-BE20D0B649A0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CF120DC-4BFA-4946-8AE7-8CC099977482} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D6384A2-32BB-4C16-8B70-9EEFD5EA0EF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{600A3238-73AE-4B96-AD2A-15FFA5D63C37} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60B9A3C5-372B-4A8C-BF47-9AB4BD4596FB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63D65F48-4659-4B7F-BF7-9A31F1C2414} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6401FB88-19ED-4516-A5B1-B16822F0EB45} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665B7412-8D98-43D5-AD9C-EE41E3BB48C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BF3E157-231F-4AF8-9DF8-7F935E6C9C64} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C580B0C-8E56-476F-A172-4596187D379D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBE1B35-776E-4784-9BA4-3E5B556AA93F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F4CC506-E090-4708-8DA3-337B389FFDCC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FBC9461-5125-4A80-AA7-489634BE0D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F7492F-994E-4209-9A46-21306179DD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F7F450-3533-491B-970-EAB621EDEF6F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{749B3A11-E2D1-4A54-93B0-4CC46A987DCE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E69AAA-F5D4-4B7D-8BA-CC9C7C3234F9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E386285-C81C-4871-AB95-21AA2CAEC3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ED9893D-4135-4C1A-BF58-B3159F96B99E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80105AD4-8496-435F-934C-45D92F6172FC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82F89CD7-DED9-42CF-8421-3F48AF0FBA3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{881E4B5F-934F-4A30-A2DE-FB9F439A173} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8902F4F4-D6B-4F40-969E-C523BB6C47AD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A8162A8-6CC6-4DD6-B3C4-5BB658A2993} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA49165-47B2-42AF-89C3-BA8F32D85953} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B4A72D0-80C7-4054-881-D94DDFB1196E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C2922F6-7D04-4216-AACF-6E3F4C72E525} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DB80489-FA79-41C0-9476-2CF712A8AE7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E030E52-B5E8-4E8A-A8D3-4BB183BFCB29} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E7BAC94-30F8-454A-8E2F-19B6E8EF642A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F35D1BD-F894-4196-B539-25EBEE40335A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F4DCF82-DA37-40D0-8C64-AA4714A3D9AF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9523F3C4-4A86-4FD5-B22C-94F7DFD57098} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9619F4BE-678C-4C53-ADAF-B023FD8EFD8} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9741E817-C4D1-49BD-B8B8-B56836AD3B7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9816DD8D-3598-4795-B6E3-98EAEB175568} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E2F2AB-B479-4440-B9B8-D1AD8BCF555} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{996A086F-A592-437D-8F76-A8E6B752965F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9980F7F3-E4E0-4E60-89F4-371A845129} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{999026BC-CCFC-489A-AAA9-7447DA6BAB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AEFB836-BB62-41C0-AE23-619D41D53EA0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B23B705-5686-4123-8676-E940330F5538} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D119BD-E53B-41EA-8BD6-776B1A897725} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DF81EE8-C39F-4E8E-84C4-295481469} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E1757F8-FAD5-432D-BED8-D88167E5ED5D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0A9D541-89AE-49DB-BE18-F12249A44EB2} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B7990C-C115-4599-93AE-6C94B913F1BC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A58D70BE-338B-40F4-B91D-45792DE8417E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6AB4305-3641-4B95-B95D-6F8AA2DBB1C9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7F5DE3C-82FD-4A4B-95B4-ACD1F5DC6528} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE90CE2D-FF0A-4768-A458-8A812FA32ABB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF034A6E-BFA5-4EED-B175-1AE9439FABD4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0A22635-11BB-42AA-B1E1-A0E79C63CC86} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0AE5EAD-85CF-45DD-9539-34559921E719} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0F9ECE4-57EE-47A4-8350-82C2C4BA35} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B15EFD07-8B27-4268-9DBD-52DBE0F8944} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4125973-92AA-4E62-A412-9801928D589} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B59F61A3-EEBF-4960-BC71-E1E64F39C1A3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B70D5BEE-81CE-46C5-8FBA-518729C27263} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7241D84-FD5-497C-A6A6-F124DAAC6033} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B76D86FA-2FA7-4CA6-A11E-721BD964FC9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C76E7FBB-4C09-4631-AE26-1C13F1D2A99F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9DB41EF-26C5-4808-8840-9BDB4CD54E4B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAD1B8E9-B11B-4D4B-82E8-56C8D6A8EDE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCFAFA87-E45A-4AC4-ACAF-6B82B8C86C0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CED8113F-FA66-4679-8938-145C8DA17D85} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF2E3C91-65F4-4B71-8533-12529474B8F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF59EA03-F062-4A68-AF98-B5C62E7FEBB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF9EA552-67FE-42D7-8259-F936C4CA582F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0FFD4E9-2C87-424D-B698-7CD1A2D40CE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6A61549-2951-4F2A-B389-56D79A3FFA5D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D92C5AFA-5805-4BC4-91A9-40CE272B7BAC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBCAFDEE-6CB7-4180-B656-B15FF8A7488} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC0CD7EF-F729-4307-996E-E1D8AB359A5F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCAA2761-D5DC-4E80-97CC-95ECCFCFF621} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E156A13D-3456-406F-ABBE-25A087F08BA3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5F7E306-FC40-429C-947B-38B9C8F38334} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB69D32C-1570-4E0E-99F1-E5FDF573D61} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEACCE4F-598D-4077-964D-88A29C67E4F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D7455E-4127-4BC6-B7AA-2F139483EC84} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F181C292-7AC7-4101-A5AD-2FE6B518AA0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2103077-4029-4AA0-A8B3-206D32FA5F6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F28B8CBE-7CDC-4C32-8519-67A0FF9CE851} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3087DB7-88B7-46F6-A9A5-EBC113BAE337} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34001E4-6CFD-4BDD-94A9-4A89963E473B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F383D645-63CC-4B5B-81EE-731EDC496D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3AB8A26-C1A-44D3-8A97-6E25D6A518C9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5AF9F16-3101-4BD0-A9B2-49DB4FA5B1A1} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6F0B0F-6F30-48E4-A97E-A3FBAC69CFA} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F762FD37-3E36-44EE-A1C9-32C5D9CBBE2} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F979C788-B87F-443F-A145-972B4E926FAF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCEAA24F-B0FB-4DF0-B0FA-CB39E57E854} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFE4F4BF-48AA-42F4-9841-D5EFAD2A88EA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McShield deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McShield deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McSysmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McSysmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPPD deleted successfully
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Users\Petra\AppData\LocalLow\uTorrentBar deleted
C:\PROGRA~2\Crazy Shopperama deleted
C:\PROGRA~2\Max Deal deleted
C:\PROGRA~2\SearchProtect deleted
C:\extensions deleted
C:\bsplayer234.980_clip.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{E0A9340B-C01B-42C1-9910-C307D7BE4756} deleted
C:\Users\Petra\AppData\Local\SearchProtect deleted
C:\Users\Petra\AppData\Local\PasswordBox Search deleted
C:\Users\Petra\AppData\Local\avgchrome deleted
C:\Users\Petra\Downloads\iMeshV12.exe deleted
C:\Users\Petra\Downloads\FreeZipSetup.exe deleted
C:\Users\Petra\Downloads\bsplayer264.1073.exe deleted
C:\Users\Petra\Downloads\bsplayer269.1079.exe deleted
C:\Users\Petra\Downloads\bsplayer_installer.exe deleted
C:\Users\Petra\Downloads\StartDownload (1).exe deleted
C:\Users\Petra\Downloads\StartDownload.exe deleted
C:\Users\Petra\Downloads\SoftonicDownloader_for_mkv-player.exe deleted
C:\Users\Petra\AppData\LocalLow\DataMngr deleted
C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\6aa67665-f868-4eb8-a5d9-4bb93d419510.job deleted
C:\Windows\tasks\9d49669d-134c-4583-a8ad-a116825ab887.job deleted
C:\Windows\tasks\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc.job deleted
C:\Windows\tasks\c4d27c93-3dc5-42f6-8655-3e8977ad7381.job deleted
C:\windows\SysNative\tasks\6aa67665-f868-4eb8-a5d9-4bb93d419510 deleted
C:\windows\SysNative\tasks\9d49669d-134c-4583-a8ad-a116825ab887 deleted
C:\windows\SysNative\tasks\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc deleted
C:\windows\SysNative\tasks\c4d27c93-3dc5-42f6-8655-3e8977ad7381 deleted
C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\Windows\AppPatch\nbin\VC32Loader.dll deleted
C:\Windows\SysNative\rlls64.dll deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Petra\AppData\Local\{9C866B05-B335-4D28-9FB3-F6809F729EAE}" deleted
"C:\Users\Petra\AppData\Roaming\bibstats" deleted
"C:\Users\Petra\AppData\Roaming\StPrsSW\stprss.exe" deleted
"C:\Users\Petra\AppData\Roaming\StPrsSW" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{6904342A-8307-11DF-A508-4AE2DFD72085}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa" [23.03.2011 03:03]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08.02.2011 02:17]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08.02.2011 02:17]
AdBlock - Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
TotalPlus01-3.1V21.09 - Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb
TheTorntvs V10 1.1 - Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmijnggdaadccmmmoofgdcaikjmkiglk
==== Chromium Fix ======================
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_bittorrent.inspsearch.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_bittorrent.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.only-search.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.only-search.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmijnggdaadccmmmoofgdcaikjmkiglk deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0 deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pmijnggdaadccmmmoofgdcaikjmkiglk deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0 deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ljefoakgfhcoeobgicjgejglnpfpemgb deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com?SearchSource= ... 0559&SSPV="
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... AW_csCZ360"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... AW_csCZ360"
==== Reset Google Chrome ======================
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\chromepreferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1060e748.TMP was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF70f39177.TMP was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal.protect was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data.protect was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar181CR deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Petra\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=754 folders=150 179201193 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Petra\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Petra\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 02.10.2015 at 16:20:54,98 ======================
Tool run by Petra on p 02.10.2015 at 13:50:26,09.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petra\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2.10.2015 14:22:19 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Petra\AppData\Roaming\.# deleted successfully
C:\Users\Petra\AppData\Roaming\ImperiaOnline deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10511023-76D-4278-9655-27FC1E3B152} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11A8C9A9-986D-4389-BEB3-6F3205457B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{123C8561-DE4B-4527-97CA-295440FCF40} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160EA218-CCDC-4E70-B5AD-BA573A84B22} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FA7007-6A0E-46DF-AB10-D19B7AE4998A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1782A90D-8C6C-4423-B7AA-3B3A0EB78BE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18C1E697-7D05-47C5-9743-4DBE83746288} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B76D34-6491-4E7D-808D-7B47837A4F4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C5B13C2-8916-47DF-89C7-080EA6516B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CFED23A-34A6-4131-8D35-1B71D642AF64} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6183B3-28EC-4BD0-90D5-BB38609FAF2A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{220F9966-A4D6-4525-9F2E-3D088204269} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24F94A-EB31-4145-8BD8-49CA6C5AAADA} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26A0D68-1A5F-4DA6-8093-2564AE4362D1} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26BF7ED1-5FB4-4B54-833C-17E2E4DD35A0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27A12ED5-D8C7-48AA-BDA1-4CF35E3B279} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{287FE855-7DA9-4DC1-8CD2-A7552C961DE6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29A91CAB-9647-483F-AC2D-2358A6621A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C315475-3E38-413C-A25D-B244FD4969BE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3111212F-70AF-4EDD-943-52B25CFCC7C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34BF3B55-143E-4508-93CC-B73B11729C93} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{356D44EA-29DA-435A-A2D3-76F06E7D6E7D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37ADF14F-6A02-4C57-90F5-1F606491AADD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{385F765F-772D-43B0-90C7-1833B86A7DB6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A9156FB-7BB7-4AC0-9D12-CFC732637A84} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AC9ABEC-4882-4F55-8E8D-6C189C91FE5A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C5F954E-177-42BC-8315-FC529109E7E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CD95180-DEB5-498E-9114-5E9D795EFC3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D1BE1EB-ABCA-46AC-9DDE-E0C4F16E0A4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DA38384-C456-4824-BA88-8D92D7719A6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F27E1BD-B6C2-4A9E-BB57-3045E9256C6C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F59648C-8CF6-42C2-A443-9E2856BC5BC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F713013-80B5-44F1-9C67-D5C17EC2BD53} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40308FFD-78D8-483D-A84E-F5BC675D95F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41D86FED-434E-4B81-9A62-3969D9E89B4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42F3CD42-4C39-4FBA-BB82-5FF298E1134} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{469C556F-8286-45A7-A5F5-1392926755EC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4875B83A-C35C-43FE-A7B3-27809CEAA3D0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{490EE0E2-B508-4872-8766-E380BA4DD8B4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{494A200C-5B09-4BFF-8483-A26A43F3AC77} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AFE7EB7-1FF-4D42-A274-5F83EF5F2982} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BBEB88B-78E9-480F-9273-7FBCB3743E1E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c24b9e5-6b8e-4eaa-92ea-a8d22b09a70f} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A87116-6EC3-49D0-86D4-C2AA7E420E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53B3ADB3-BCB9-499C-A06F-EB4D74F778E7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A029BE9-DACA-4108-B13-73DC54C0D0D4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B8EDB25-2855-4E41-873C-BE20D0B649A0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CF120DC-4BFA-4946-8AE7-8CC099977482} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D6384A2-32BB-4C16-8B70-9EEFD5EA0EF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{600A3238-73AE-4B96-AD2A-15FFA5D63C37} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60B9A3C5-372B-4A8C-BF47-9AB4BD4596FB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63D65F48-4659-4B7F-BF7-9A31F1C2414} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6401FB88-19ED-4516-A5B1-B16822F0EB45} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665B7412-8D98-43D5-AD9C-EE41E3BB48C} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BF3E157-231F-4AF8-9DF8-7F935E6C9C64} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C580B0C-8E56-476F-A172-4596187D379D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBE1B35-776E-4784-9BA4-3E5B556AA93F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F4CC506-E090-4708-8DA3-337B389FFDCC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FBC9461-5125-4A80-AA7-489634BE0D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F7492F-994E-4209-9A46-21306179DD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F7F450-3533-491B-970-EAB621EDEF6F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{749B3A11-E2D1-4A54-93B0-4CC46A987DCE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E69AAA-F5D4-4B7D-8BA-CC9C7C3234F9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E386285-C81C-4871-AB95-21AA2CAEC3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ED9893D-4135-4C1A-BF58-B3159F96B99E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80105AD4-8496-435F-934C-45D92F6172FC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82F89CD7-DED9-42CF-8421-3F48AF0FBA3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84e9fe09-5df9-443e-acdc-3865bef3271c} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{881E4B5F-934F-4A30-A2DE-FB9F439A173} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8902F4F4-D6B-4F40-969E-C523BB6C47AD} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A8162A8-6CC6-4DD6-B3C4-5BB658A2993} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA49165-47B2-42AF-89C3-BA8F32D85953} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B4A72D0-80C7-4054-881-D94DDFB1196E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C2922F6-7D04-4216-AACF-6E3F4C72E525} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DB80489-FA79-41C0-9476-2CF712A8AE7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E030E52-B5E8-4E8A-A8D3-4BB183BFCB29} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E7BAC94-30F8-454A-8E2F-19B6E8EF642A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F35D1BD-F894-4196-B539-25EBEE40335A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F4DCF82-DA37-40D0-8C64-AA4714A3D9AF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9523F3C4-4A86-4FD5-B22C-94F7DFD57098} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9619F4BE-678C-4C53-ADAF-B023FD8EFD8} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9741E817-C4D1-49BD-B8B8-B56836AD3B7} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9816DD8D-3598-4795-B6E3-98EAEB175568} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E2F2AB-B479-4440-B9B8-D1AD8BCF555} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{996A086F-A592-437D-8F76-A8E6B752965F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9980F7F3-E4E0-4E60-89F4-371A845129} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{999026BC-CCFC-489A-AAA9-7447DA6BAB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AEFB836-BB62-41C0-AE23-619D41D53EA0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B23B705-5686-4123-8676-E940330F5538} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D119BD-E53B-41EA-8BD6-776B1A897725} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DF81EE8-C39F-4E8E-84C4-295481469} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E1757F8-FAD5-432D-BED8-D88167E5ED5D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0A9D541-89AE-49DB-BE18-F12249A44EB2} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B7990C-C115-4599-93AE-6C94B913F1BC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A58D70BE-338B-40F4-B91D-45792DE8417E} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6AB4305-3641-4B95-B95D-6F8AA2DBB1C9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7F5DE3C-82FD-4A4B-95B4-ACD1F5DC6528} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE90CE2D-FF0A-4768-A458-8A812FA32ABB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF034A6E-BFA5-4EED-B175-1AE9439FABD4} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0A22635-11BB-42AA-B1E1-A0E79C63CC86} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0AE5EAD-85CF-45DD-9539-34559921E719} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0F9ECE4-57EE-47A4-8350-82C2C4BA35} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B15EFD07-8B27-4268-9DBD-52DBE0F8944} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4125973-92AA-4E62-A412-9801928D589} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B59F61A3-EEBF-4960-BC71-E1E64F39C1A3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B70D5BEE-81CE-46C5-8FBA-518729C27263} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7241D84-FD5-497C-A6A6-F124DAAC6033} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B76D86FA-2FA7-4CA6-A11E-721BD964FC9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0f98b86-01a4-420a-a1b8-6f93c395c432} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C76E7FBB-4C09-4631-AE26-1C13F1D2A99F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9DB41EF-26C5-4808-8840-9BDB4CD54E4B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAD1B8E9-B11B-4D4B-82E8-56C8D6A8EDE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCFAFA87-E45A-4AC4-ACAF-6B82B8C86C0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CED8113F-FA66-4679-8938-145C8DA17D85} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF2E3C91-65F4-4B71-8533-12529474B8F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF59EA03-F062-4A68-AF98-B5C62E7FEBB} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF9EA552-67FE-42D7-8259-F936C4CA582F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0FFD4E9-2C87-424D-B698-7CD1A2D40CE} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6A61549-2951-4F2A-B389-56D79A3FFA5D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D92C5AFA-5805-4BC4-91A9-40CE272B7BAC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBCAFDEE-6CB7-4180-B656-B15FF8A7488} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC0CD7EF-F729-4307-996E-E1D8AB359A5F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCAA2761-D5DC-4E80-97CC-95ECCFCFF621} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E156A13D-3456-406F-ABBE-25A087F08BA3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5F7E306-FC40-429C-947B-38B9C8F38334} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB69D32C-1570-4E0E-99F1-E5FDF573D61} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEACCE4F-598D-4077-964D-88A29C67E4F} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0D7455E-4127-4BC6-B7AA-2F139483EC84} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F181C292-7AC7-4101-A5AD-2FE6B518AA0} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2103077-4029-4AA0-A8B3-206D32FA5F6} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F28B8CBE-7CDC-4C32-8519-67A0FF9CE851} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3087DB7-88B7-46F6-A9A5-EBC113BAE337} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34001E4-6CFD-4BDD-94A9-4A89963E473B} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F383D645-63CC-4B5B-81EE-731EDC496D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3AB8A26-C1A-44D3-8A97-6E25D6A518C9} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5AF9F16-3101-4BD0-A9B2-49DB4FA5B1A1} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6F0B0F-6F30-48E4-A97E-A3FBAC69CFA} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F762FD37-3E36-44EE-A1C9-32C5D9CBBE2} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F979C788-B87F-443F-A145-972B4E926FAF} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCEAA24F-B0FB-4DF0-B0FA-CB39E57E854} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fea0d7c4-2711-4ac5-ad39-1c6ae1a7a2bc} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFE4F4BF-48AA-42F4-9841-D5EFAD2A88EA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McShield deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McShield deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McSysmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McSysmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPPD deleted successfully
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Users\Petra\AppData\LocalLow\uTorrentBar deleted
C:\PROGRA~2\Crazy Shopperama deleted
C:\PROGRA~2\Max Deal deleted
C:\PROGRA~2\SearchProtect deleted
C:\extensions deleted
C:\bsplayer234.980_clip.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{E0A9340B-C01B-42C1-9910-C307D7BE4756} deleted
C:\Users\Petra\AppData\Local\SearchProtect deleted
C:\Users\Petra\AppData\Local\PasswordBox Search deleted
C:\Users\Petra\AppData\Local\avgchrome deleted
C:\Users\Petra\Downloads\iMeshV12.exe deleted
C:\Users\Petra\Downloads\FreeZipSetup.exe deleted
C:\Users\Petra\Downloads\bsplayer264.1073.exe deleted
C:\Users\Petra\Downloads\bsplayer269.1079.exe deleted
C:\Users\Petra\Downloads\bsplayer_installer.exe deleted
C:\Users\Petra\Downloads\StartDownload (1).exe deleted
C:\Users\Petra\Downloads\StartDownload.exe deleted
C:\Users\Petra\Downloads\SoftonicDownloader_for_mkv-player.exe deleted
C:\Users\Petra\AppData\LocalLow\DataMngr deleted
C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\6aa67665-f868-4eb8-a5d9-4bb93d419510.job deleted
C:\Windows\tasks\9d49669d-134c-4583-a8ad-a116825ab887.job deleted
C:\Windows\tasks\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc.job deleted
C:\Windows\tasks\c4d27c93-3dc5-42f6-8655-3e8977ad7381.job deleted
C:\windows\SysNative\tasks\6aa67665-f868-4eb8-a5d9-4bb93d419510 deleted
C:\windows\SysNative\tasks\9d49669d-134c-4583-a8ad-a116825ab887 deleted
C:\windows\SysNative\tasks\b2036cc6-9cbe-4874-bf1c-c7a2badb2cbc deleted
C:\windows\SysNative\tasks\c4d27c93-3dc5-42f6-8655-3e8977ad7381 deleted
C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\Windows\AppPatch\nbin\VC32Loader.dll deleted
C:\Windows\SysNative\rlls64.dll deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Petra\AppData\Local\{9C866B05-B335-4D28-9FB3-F6809F729EAE}" deleted
"C:\Users\Petra\AppData\Roaming\bibstats" deleted
"C:\Users\Petra\AppData\Roaming\StPrsSW\stprss.exe" deleted
"C:\Users\Petra\AppData\Roaming\StPrsSW" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{6904342A-8307-11DF-A508-4AE2DFD72085}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa" [23.03.2011 03:03]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08.02.2011 02:17]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08.02.2011 02:17]
AdBlock - Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
TotalPlus01-3.1V21.09 - Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb
TheTorntvs V10 1.1 - Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmijnggdaadccmmmoofgdcaikjmkiglk
==== Chromium Fix ======================
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_bittorrent.inspsearch.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_bittorrent.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.only-search.com_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.only-search.com_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmijnggdaadccmmmoofgdcaikjmkiglk deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_pmijnggdaadccmmmoofgdcaikjmkiglk_0 deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pmijnggdaadccmmmoofgdcaikjmkiglk deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0.localstorage deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0.localstorage-journal deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0 deleted successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ljefoakgfhcoeobgicjgejglnpfpemgb deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com?SearchSource= ... 0559&SSPV="
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... AW_csCZ360"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... AW_csCZ360"
==== Reset Google Chrome ======================
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\chromepreferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1060e748.TMP was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF70f39177.TMP was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal.protect was reset successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Web Data.protect was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Petra\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar181CR deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Petra\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Petra\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=754 folders=150 179201193 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Petra\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Petra\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 02.10.2015 at 16:20:54,98 ======================
Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Poprosim o novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Ran by Petra (administrator) on PETRA-PC (03-10-2015 15:18:48)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\PLFSetI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(forum.viry.cz) C:\Users\Petra\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7940128 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [489472 2009-08-20] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-03] ()
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1191432 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-04] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [3950384 2013-10-24] ()
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => No File
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies app\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies app\safetynut\safetycrt.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2013-12-04] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-09-04]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-11-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{01960AB4-79F8-4BA5-AD01-1CB3C624A2FB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F131376F-ED36-48CF-AF13-76D499909E85}: [DhcpNameServer] 10.0.0.2
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ360
BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] ()
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
Toolbar: HKLM-x32 - PasswordBox - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-23]
Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-02]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Tabulky Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-02]
CHR Extension: (DivX HiQ) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-03-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09]
CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-03-13]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
StartMenuInternet: Google Chrome - C:\Users\Petra\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-04] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [787968 2009-08-20] (Acer Incorporated) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-11-02] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-04] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-04] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-03 15:18 - 2015-10-03 15:18 - 00000000 ____D C:\Users\Petra\Desktop\FRST-OlderVersion
2015-10-02 22:52 - 2015-10-02 23:19 - 492535192 _____ C:\Users\Petra\Downloads\Final---pustit.mp4
2015-10-02 16:22 - 2015-10-02 16:22 - 00044604 _____ C:\Users\Petra\Desktop\zoek-results.txt
2015-10-02 16:21 - 2015-10-02 16:21 - 00000000 ___RD C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2015-10-02 15:02 - 2015-10-02 13:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-02 14:46 - 2015-10-02 16:20 - 00000000 ____D C:\zoek
2015-10-02 14:21 - 2015-10-02 16:20 - 00044604 _____ C:\zoek-results.log
2015-10-02 13:44 - 2015-10-02 13:45 - 00654813 _____ C:\Users\Petra\Downloads\Setup (1).zip
2015-10-02 13:44 - 2015-10-02 13:44 - 01309184 _____ C:\Users\Petra\Downloads\zoek.exe
2015-10-02 13:40 - 2015-10-02 14:57 - 00000000 ____D C:\zoek_backup
2015-10-02 13:37 - 2015-10-02 13:37 - 00654810 _____ C:\Users\Petra\Downloads\Setup.zip
2015-10-02 13:36 - 2015-10-02 13:37 - 01309184 _____ C:\Users\Petra\Desktop\zoek.exe
2015-10-02 12:12 - 2015-10-02 12:12 - 00035800 _____ C:\Users\Petra\Desktop\AdwCleaner[C2].txt
2015-10-02 12:02 - 2015-10-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-10-02 12:01 - 2015-10-02 12:01 - 01670656 _____ C:\Users\Petra\Desktop\adwcleaner_5.009.exe
2015-10-01 19:54 - 2015-10-01 19:54 - 00005548 _____ C:\Users\Petra\Desktop\Addition.rar
2015-10-01 19:54 - 2015-10-01 19:54 - 00000000 ____D C:\Users\Petra\AppData\Roaming\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\Program Files\WinRAR
2015-10-01 19:51 - 2015-10-01 19:51 - 02129208 _____ C:\Users\Petra\Downloads\winrar-x64-521cz.exe
2015-10-01 18:37 - 2015-10-03 15:20 - 00022017 _____ C:\Users\Petra\Desktop\FRST.txt
2015-10-01 18:37 - 2015-10-03 15:18 - 00000000 ____D C:\FRST
2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
2015-10-01 18:07 - 2015-10-03 15:18 - 02193408 _____ (Farbar) C:\Users\Petra\Desktop\FRST64.exe
2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe
2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe
2015-09-30 17:57 - 2015-09-30 17:58 - 03393608 _____ (Lucky Driver LLC) C:\Users\Petra\Downloads\House_of_Cards_S01e09Mux_-_XviD_-_Ita_Eng_Mp3_-_Sub_Ita_EngTNT_downloader.exe
2015-09-30 17:56 - 2015-09-30 17:56 - 01588386 _____ C:\Users\Petra\Downloads\House.of.Cards.S01e09[Mux.ace
2015-09-10 11:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-10 11:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 23:57 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 23:57 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 23:57 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 23:57 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-08 23:57 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 23:56 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 23:56 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 23:56 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 23:56 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 23:56 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 23:56 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 23:56 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-08 23:56 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-08 23:56 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 23:56 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-08 23:56 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 23:56 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-08 23:56 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-08 23:56 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 23:56 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-08 23:56 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 23:56 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 23:56 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 23:56 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-08 23:55 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 23:55 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 23:55 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 23:55 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 23:55 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 23:55 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 23:55 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 23:55 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 23:55 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-08 23:55 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-08 23:55 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-08 23:55 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-08 23:55 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-08 23:55 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-08 23:55 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-08 23:55 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-08 23:55 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 23:55 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-08 23:55 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-08 23:55 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-08 23:55 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-08 23:54 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-08 23:54 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-08 23:54 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 23:54 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 23:54 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 23:54 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 23:54 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 23:53 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-08 23:53 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 23:53 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 23:53 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-08 23:52 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 21:52 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 21:52 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 21:52 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 21:52 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 21:52 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 21:52 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-07 21:51 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-07 21:49 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 21:49 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-07 21:49 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-07 20:31 - 2015-09-07 22:09 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x04
2015-09-07 20:31 - 2015-09-07 20:36 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x03
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-03 15:16 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-03 15:16 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-03 15:12 - 2010-03-08 14:45 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-03 15:11 - 2011-02-14 14:36 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job
2015-10-03 15:11 - 2009-11-03 18:48 - 01370215 _____ C:\Windows\WindowsUpdate.log
2015-10-02 22:57 - 2010-03-08 14:45 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 22:48 - 2011-02-14 14:36 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job
2015-10-02 16:12 - 2009-09-04 08:02 - 01008462 _____ C:\Windows\PFRO.log
2015-10-02 16:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 16:12 - 2009-07-14 06:51 - 00125630 _____ C:\Windows\setupact.log
2015-10-02 12:48 - 2012-05-11 17:39 - 00000000 ___RD C:\Users\Petra\Desktop\Filmy
2015-10-02 12:13 - 2012-10-01 20:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-01 17:52 - 2010-01-03 17:06 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2015-10-01 17:40 - 2013-03-15 03:24 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-10-01 17:40 - 2013-03-15 03:24 - 00000977 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-10-01 17:26 - 2014-09-21 23:14 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411334032
2015-10-01 17:26 - 2014-09-21 23:13 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 17:21 - 2015-04-15 12:28 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-30 17:59 - 2011-06-05 19:55 - 00000000 ____D C:\Users\Petra\AppData\Roaming\BitTorrent
2015-09-30 17:47 - 2011-02-14 14:38 - 00002388 _____ C:\Users\Petra\Desktop\Google Chrome.lnk
2015-09-22 20:58 - 2009-11-03 19:38 - 00669132 _____ C:\Windows\system32\perfh005.dat
2015-09-22 20:58 - 2009-11-03 19:38 - 00141760 _____ C:\Windows\system32\perfc005.dat
2015-09-22 20:58 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-21 20:44 - 2010-03-08 14:45 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 20:44 - 2010-03-08 14:45 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 20:43 - 2011-02-14 14:36 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA
2015-09-21 20:43 - 2011-02-14 14:36 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core
2015-09-15 21:40 - 2009-09-04 07:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 12:11 - 2009-07-14 06:45 - 00334536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 12:07 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 12:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:26 - 2013-08-14 01:15 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 22:27 - 2014-12-16 02:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-08 22:27 - 2014-05-08 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-07 23:34 - 2013-03-14 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 20:45 - 2013-02-13 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Files in the root of some directories =======
2009-09-04 07:34 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2009-09-04 07:35 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petra\Desktop" je 130102 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Petra (administrator) on PETRA-PC (03-10-2015 15:18:48)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\PLFSetI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(forum.viry.cz) C:\Users\Petra\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7940128 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [489472 2009-08-20] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-03] ()
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1191432 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-04] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [3950384 2013-10-24] ()
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => No File
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies app\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies app\safetynut\safetycrt.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2013-12-04] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-09-04]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-11-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{01960AB4-79F8-4BA5-AD01-1CB3C624A2FB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F131376F-ED36-48CF-AF13-76D499909E85}: [DhcpNameServer] 10.0.0.2
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ360
BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] ()
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-04] (AVAST Software)
Toolbar: HKLM-x32 - PasswordBox - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2014-08-26] (PasswordBox, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-161823599-738129010-2060771426-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Petra\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-23]
Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-02]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Tabulky Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-02]
CHR Extension: (DivX HiQ) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-03-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-09]
CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-03-13]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
StartMenuInternet: Google Chrome - C:\Users\Petra\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-04] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [787968 2009-08-20] (Acer Incorporated) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-11-02] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-04] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-04] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-03 15:18 - 2015-10-03 15:18 - 00000000 ____D C:\Users\Petra\Desktop\FRST-OlderVersion
2015-10-02 22:52 - 2015-10-02 23:19 - 492535192 _____ C:\Users\Petra\Downloads\Final---pustit.mp4
2015-10-02 16:22 - 2015-10-02 16:22 - 00044604 _____ C:\Users\Petra\Desktop\zoek-results.txt
2015-10-02 16:21 - 2015-10-02 16:21 - 00000000 ___RD C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2015-10-02 15:02 - 2015-10-02 13:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-02 14:46 - 2015-10-02 16:20 - 00000000 ____D C:\zoek
2015-10-02 14:21 - 2015-10-02 16:20 - 00044604 _____ C:\zoek-results.log
2015-10-02 13:44 - 2015-10-02 13:45 - 00654813 _____ C:\Users\Petra\Downloads\Setup (1).zip
2015-10-02 13:44 - 2015-10-02 13:44 - 01309184 _____ C:\Users\Petra\Downloads\zoek.exe
2015-10-02 13:40 - 2015-10-02 14:57 - 00000000 ____D C:\zoek_backup
2015-10-02 13:37 - 2015-10-02 13:37 - 00654810 _____ C:\Users\Petra\Downloads\Setup.zip
2015-10-02 13:36 - 2015-10-02 13:37 - 01309184 _____ C:\Users\Petra\Desktop\zoek.exe
2015-10-02 12:12 - 2015-10-02 12:12 - 00035800 _____ C:\Users\Petra\Desktop\AdwCleaner[C2].txt
2015-10-02 12:02 - 2015-10-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-10-02 12:01 - 2015-10-02 12:01 - 01670656 _____ C:\Users\Petra\Desktop\adwcleaner_5.009.exe
2015-10-01 19:54 - 2015-10-01 19:54 - 00005548 _____ C:\Users\Petra\Desktop\Addition.rar
2015-10-01 19:54 - 2015-10-01 19:54 - 00000000 ____D C:\Users\Petra\AppData\Roaming\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-01 19:52 - 2015-10-01 19:52 - 00000000 ____D C:\Program Files\WinRAR
2015-10-01 19:51 - 2015-10-01 19:51 - 02129208 _____ C:\Users\Petra\Downloads\winrar-x64-521cz.exe
2015-10-01 18:37 - 2015-10-03 15:20 - 00022017 _____ C:\Users\Petra\Desktop\FRST.txt
2015-10-01 18:37 - 2015-10-03 15:18 - 00000000 ____D C:\FRST
2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
2015-10-01 18:07 - 2015-10-03 15:18 - 02193408 _____ (Farbar) C:\Users\Petra\Desktop\FRST64.exe
2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe
2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe
2015-09-30 17:57 - 2015-09-30 17:58 - 03393608 _____ (Lucky Driver LLC) C:\Users\Petra\Downloads\House_of_Cards_S01e09Mux_-_XviD_-_Ita_Eng_Mp3_-_Sub_Ita_EngTNT_downloader.exe
2015-09-30 17:56 - 2015-09-30 17:56 - 01588386 _____ C:\Users\Petra\Downloads\House.of.Cards.S01e09[Mux.ace
2015-09-10 11:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-10 11:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 23:57 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 23:57 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 23:57 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 23:57 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 23:57 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-08 23:57 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 23:56 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 23:56 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 23:56 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 23:56 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 23:56 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 23:56 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 23:56 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 23:56 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 23:56 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 23:56 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-08 23:56 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 23:56 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-08 23:56 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-08 23:56 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-08 23:56 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 23:56 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-08 23:56 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-08 23:56 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-08 23:56 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-08 23:56 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 23:56 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-08 23:56 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-08 23:56 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-08 23:56 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 23:56 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 23:56 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 23:56 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 23:56 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 23:56 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-08 23:56 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 23:56 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 23:56 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 23:56 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 23:56 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 23:56 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-08 23:56 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-08 23:55 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 23:55 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 23:55 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 23:55 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 23:55 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 23:55 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 23:55 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 23:55 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 23:55 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 23:55 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-08 23:55 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-08 23:55 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-08 23:55 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-08 23:55 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-08 23:55 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-08 23:55 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-08 23:55 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-08 23:55 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-08 23:55 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-08 23:55 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-08 23:55 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-08 23:55 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-08 23:55 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-08 23:55 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-08 23:55 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-08 23:55 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 23:55 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-08 23:55 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-08 23:55 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-08 23:55 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-08 23:55 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 23:55 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 23:54 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 23:54 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-08 23:54 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-08 23:54 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-08 23:54 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-08 23:54 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 23:54 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 23:54 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 23:54 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 23:54 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 23:54 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 23:53 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 23:53 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 23:53 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-08 23:53 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-08 23:53 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 23:53 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 23:53 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 23:52 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 23:52 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 23:52 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 23:52 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-08 23:52 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 21:52 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 21:52 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 21:52 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 21:52 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 21:52 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 21:52 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 21:52 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-07 21:52 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-07 21:52 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-07 21:52 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-07 21:51 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-07 21:49 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-07 21:49 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-07 21:49 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 21:49 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 21:49 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-07 21:49 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-07 21:49 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-07 20:31 - 2015-09-07 22:09 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x04
2015-09-07 20:31 - 2015-09-07 20:36 - 00000000 ____D C:\Users\Petra\Desktop\House.of.Cards.1x03
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-03 15:16 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-03 15:16 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-03 15:12 - 2010-03-08 14:45 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-03 15:11 - 2011-02-14 14:36 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job
2015-10-03 15:11 - 2009-11-03 18:48 - 01370215 _____ C:\Windows\WindowsUpdate.log
2015-10-02 22:57 - 2010-03-08 14:45 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 22:48 - 2011-02-14 14:36 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job
2015-10-02 16:12 - 2009-09-04 08:02 - 01008462 _____ C:\Windows\PFRO.log
2015-10-02 16:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 16:12 - 2009-07-14 06:51 - 00125630 _____ C:\Windows\setupact.log
2015-10-02 12:48 - 2012-05-11 17:39 - 00000000 ___RD C:\Users\Petra\Desktop\Filmy
2015-10-02 12:13 - 2012-10-01 20:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-01 17:52 - 2010-01-03 17:06 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2015-10-01 17:40 - 2013-03-15 03:24 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-10-01 17:40 - 2013-03-15 03:24 - 00000977 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-10-01 17:26 - 2014-09-21 23:14 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411334032
2015-10-01 17:26 - 2014-09-21 23:13 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-01 17:21 - 2015-04-15 12:28 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-30 17:59 - 2011-06-05 19:55 - 00000000 ____D C:\Users\Petra\AppData\Roaming\BitTorrent
2015-09-30 17:47 - 2011-02-14 14:38 - 00002388 _____ C:\Users\Petra\Desktop\Google Chrome.lnk
2015-09-22 20:58 - 2009-11-03 19:38 - 00669132 _____ C:\Windows\system32\perfh005.dat
2015-09-22 20:58 - 2009-11-03 19:38 - 00141760 _____ C:\Windows\system32\perfc005.dat
2015-09-22 20:58 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-21 20:44 - 2010-03-08 14:45 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 20:44 - 2010-03-08 14:45 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 20:43 - 2011-02-14 14:36 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA
2015-09-21 20:43 - 2011-02-14 14:36 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core
2015-09-15 21:40 - 2009-09-04 07:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 12:11 - 2009-07-14 06:45 - 00334536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 12:07 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 12:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:26 - 2013-08-14 01:15 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 22:27 - 2014-12-16 02:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-08 22:27 - 2014-05-08 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-08 22:26 - 2013-03-14 04:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-07 23:34 - 2013-03-14 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 20:45 - 2013-02-13 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Files in the root of some directories =======
2009-09-04 07:34 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2009-09-04 07:35 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petra\Desktop" je 130102 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.) HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.) HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => No File HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies app\safetynut\x64\safetycrt.dll HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies app\safetynut\safetycrt.dll ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_csCZ360 BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09) BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.) Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] () Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] () Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] () Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X] C:\Program Files (x86)\Skype\Toolbars C:\Program Files (x86)\TotalPlus01-3.1V21.09 c:\program files (x86)\movies app\safetynut 2015-10-03 15:18 - 2015-10-03 15:18 - 00000000 ____D C:\Users\Petra\Desktop\FRST-OlderVersion 2015-10-02 16:22 - 2015-10-02 16:22 - 00044604 _____ C:\Users\Petra\Desktop\zoek-results.txt 2015-10-02 15:02 - 2015-10-02 13:40 - 00024064 _____ C:\Windows\zoek-delete.exe 2015-10-02 14:46 - 2015-10-02 16:20 - 00000000 ____D C:\zoek 2015-10-02 14:21 - 2015-10-02 16:20 - 00044604 _____ C:\zoek-results.log 2015-10-02 13:44 - 2015-10-02 13:45 - 00654813 _____ C:\Users\Petra\Downloads\Setup (1).zip 2015-10-02 13:44 - 2015-10-02 13:44 - 01309184 _____ C:\Users\Petra\Downloads\zoek.exe 2015-10-02 13:40 - 2015-10-02 14:57 - 00000000 ____D C:\zoek_backup 2015-10-02 13:37 - 2015-10-02 13:37 - 00654810 _____ C:\Users\Petra\Downloads\Setup.zip 2015-10-02 13:36 - 2015-10-02 13:37 - 01309184 _____ C:\Users\Petra\Desktop\zoek.exe 2015-10-02 12:12 - 2015-10-02 12:12 - 00035800 _____ C:\Users\Petra\Desktop\AdwCleaner[C2].txt 2015-10-02 12:02 - 2015-10-02 12:08 - 00000000 ____D C:\AdwCleaner 2015-10-02 12:01 - 2015-10-02 12:01 - 01670656 _____ C:\Users\Petra\Desktop\adwcleaner_5.009.exe 2015-10-01 19:54 - 2015-10-01 19:54 - 00005548 _____ C:\Users\Petra\Desktop\Addition.rar 2015-10-01 18:37 - 2015-10-03 15:20 - 00022017 _____ C:\Users\Petra\Desktop\FRST.txt 2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe 2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe 2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe 2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe 2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Petra (2015-10-06 20:28:35) Run:1
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => No File
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies app\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies app\safetynut\safetycrt.dll
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ360
BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X]
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\TotalPlus01-3.1V21.09
c:\program files (x86)\movies app\safetynut
2015-10-03 15:18 - 2015-10-03 15:18 - 00000000 ____D C:\Users\Petra\Desktop\FRST-OlderVersion
2015-10-02 16:22 - 2015-10-02 16:22 - 00044604 _____ C:\Users\Petra\Desktop\zoek-results.txt
2015-10-02 15:02 - 2015-10-02 13:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-02 14:46 - 2015-10-02 16:20 - 00000000 ____D C:\zoek
2015-10-02 14:21 - 2015-10-02 16:20 - 00044604 _____ C:\zoek-results.log
2015-10-02 13:44 - 2015-10-02 13:45 - 00654813 _____ C:\Users\Petra\Downloads\Setup (1).zip
2015-10-02 13:44 - 2015-10-02 13:44 - 01309184 _____ C:\Users\Petra\Downloads\zoek.exe
2015-10-02 13:40 - 2015-10-02 14:57 - 00000000 ____D C:\zoek_backup
2015-10-02 13:37 - 2015-10-02 13:37 - 00654810 _____ C:\Users\Petra\Downloads\Setup.zip
2015-10-02 13:36 - 2015-10-02 13:37 - 01309184 _____ C:\Users\Petra\Desktop\zoek.exe
2015-10-02 12:12 - 2015-10-02 12:12 - 00035800 _____ C:\Users\Petra\Desktop\AdwCleaner[C2].txt
2015-10-02 12:02 - 2015-10-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-10-02 12:01 - 2015-10-02 12:01 - 01670656 _____ C:\Users\Petra\Desktop\adwcleaner_5.009.exe
2015-10-01 19:54 - 2015-10-01 19:54 - 00005548 _____ C:\Users\Petra\Desktop\Addition.rar
2015-10-01 18:37 - 2015-10-03 15:20 - 00022017 _____ C:\Users\Petra\Desktop\FRST.txt
2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe
2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe
2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl8 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDVD8LanguageShortcut => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
"HKU\S-1-5-21-161823599-738129010-2060771426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{031453fe-1b6e-11e5-b873-001e3324be46}" => key removed successfully
HKCR\CLSID\{031453fe-1b6e-11e5-b873-001e3324be46} => key not found.
"C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL" => Value data removed successfully.
"C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL" => Value data removed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
"HKU\S-1-5-21-161823599-738129010-2060771426-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKCR\CLSID\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
"HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}" => key removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9} => key not found.
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} => value removed successfully
HKCR\CLSID\{25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} => key not found.
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => not found
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
RtsUIR => service removed successfully
USBCCID => service removed successfully
vaqzhgnq => service removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
C:\Program Files (x86)\TotalPlus01-3.1V21.09 => moved successfully
"c:\program files (x86)\movies app\safetynut" => File/Folder not found.
C:\Users\Petra\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Petra\Desktop\zoek-results.txt => moved successfully
C:\Windows\zoek-delete.exe => moved successfully
C:\zoek => moved successfully
C:\zoek-results.log => moved successfully
C:\Users\Petra\Downloads\Setup (1).zip => moved successfully
C:\Users\Petra\Downloads\zoek.exe => moved successfully
C:\zoek_backup => moved successfully
C:\Users\Petra\Downloads\Setup.zip => moved successfully
C:\Users\Petra\Desktop\zoek.exe => moved successfully
C:\Users\Petra\Desktop\AdwCleaner[C2].txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Petra\Desktop\adwcleaner_5.009.exe => moved successfully
C:\Users\Petra\Desktop\Addition.rar => moved successfully
C:\Users\Petra\Desktop\FRST.txt => moved successfully
C:\Users\Petra\Downloads\Setup (3).exe => moved successfully
C:\Users\Petra\Downloads\Setup.exe => moved successfully
C:\Users\Petra\Downloads\Setup (2).exe => moved successfully
C:\Users\Petra\Downloads\Setup (1).exe => moved successfully
C:\Users\Petra\Downloads\FRSTLauncher.exe => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 20:30:27 ====
Ran by Petra (2015-10-06 20:28:35) Run:1
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [Google Update] => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-04] (Google Inc.)
HKU\S-1-5-21-161823599-738129010-2060771426-1000\...\MountPoints2: {031453fe-1b6e-11e5-b873-001e3324be46} - D:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL => No File
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies app\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies app\safetynut\safetycrt.dll
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ360
BHO: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho64.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: TotalPlus01-3.1V21.09 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll [2014-09-21] (HDPlus-01TotalV21.09)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKLM-x32 - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-10-08] ()
Toolbar: HKU\S-1-5-21-161823599-738129010-2060771426-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
CHR Extension: (Skype Click to Call) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S1 vaqzhgnq; \??\C:\Windows\system32\drivers\vaqzhgnq.sys [X]
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\TotalPlus01-3.1V21.09
c:\program files (x86)\movies app\safetynut
2015-10-03 15:18 - 2015-10-03 15:18 - 00000000 ____D C:\Users\Petra\Desktop\FRST-OlderVersion
2015-10-02 16:22 - 2015-10-02 16:22 - 00044604 _____ C:\Users\Petra\Desktop\zoek-results.txt
2015-10-02 15:02 - 2015-10-02 13:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-02 14:46 - 2015-10-02 16:20 - 00000000 ____D C:\zoek
2015-10-02 14:21 - 2015-10-02 16:20 - 00044604 _____ C:\zoek-results.log
2015-10-02 13:44 - 2015-10-02 13:45 - 00654813 _____ C:\Users\Petra\Downloads\Setup (1).zip
2015-10-02 13:44 - 2015-10-02 13:44 - 01309184 _____ C:\Users\Petra\Downloads\zoek.exe
2015-10-02 13:40 - 2015-10-02 14:57 - 00000000 ____D C:\zoek_backup
2015-10-02 13:37 - 2015-10-02 13:37 - 00654810 _____ C:\Users\Petra\Downloads\Setup.zip
2015-10-02 13:36 - 2015-10-02 13:37 - 01309184 _____ C:\Users\Petra\Desktop\zoek.exe
2015-10-02 12:12 - 2015-10-02 12:12 - 00035800 _____ C:\Users\Petra\Desktop\AdwCleaner[C2].txt
2015-10-02 12:02 - 2015-10-02 12:08 - 00000000 ____D C:\AdwCleaner
2015-10-02 12:01 - 2015-10-02 12:01 - 01670656 _____ C:\Users\Petra\Desktop\adwcleaner_5.009.exe
2015-10-01 19:54 - 2015-10-01 19:54 - 00005548 _____ C:\Users\Petra\Desktop\Addition.rar
2015-10-01 18:37 - 2015-10-03 15:20 - 00022017 _____ C:\Users\Petra\Desktop\FRST.txt
2015-10-01 17:39 - 2015-10-01 17:41 - 00681952 _____ C:\Users\Petra\Downloads\Setup (3).exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup.exe
2015-10-01 17:38 - 2015-10-01 17:40 - 00681952 _____ C:\Users\Petra\Downloads\Setup (2).exe
2015-10-01 17:38 - 2015-10-01 17:39 - 00681952 _____ C:\Users\Petra\Downloads\Setup (1).exe
2015-10-01 18:22 - 2015-10-01 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => C:\Users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl8 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDVD8LanguageShortcut => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
"HKU\S-1-5-21-161823599-738129010-2060771426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{031453fe-1b6e-11e5-b873-001e3324be46}" => key removed successfully
HKCR\CLSID\{031453fe-1b6e-11e5-b873-001e3324be46} => key not found.
"C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL" => Value data removed successfully.
"C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~2.DLL" => Value data removed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
"HKU\S-1-5-21-161823599-738129010-2060771426-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKCR\CLSID\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611321185}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
"HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}" => key removed successfully
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => value removed successfully
HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9} => key not found.
HKU\S-1-5-21-161823599-738129010-2060771426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} => value removed successfully
HKCR\CLSID\{25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} => key not found.
C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => not found
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
RtsUIR => service removed successfully
USBCCID => service removed successfully
vaqzhgnq => service removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
C:\Program Files (x86)\TotalPlus01-3.1V21.09 => moved successfully
"c:\program files (x86)\movies app\safetynut" => File/Folder not found.
C:\Users\Petra\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Petra\Desktop\zoek-results.txt => moved successfully
C:\Windows\zoek-delete.exe => moved successfully
C:\zoek => moved successfully
C:\zoek-results.log => moved successfully
C:\Users\Petra\Downloads\Setup (1).zip => moved successfully
C:\Users\Petra\Downloads\zoek.exe => moved successfully
C:\zoek_backup => moved successfully
C:\Users\Petra\Downloads\Setup.zip => moved successfully
C:\Users\Petra\Desktop\zoek.exe => moved successfully
C:\Users\Petra\Desktop\AdwCleaner[C2].txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Petra\Desktop\adwcleaner_5.009.exe => moved successfully
C:\Users\Petra\Desktop\Addition.rar => moved successfully
C:\Users\Petra\Desktop\FRST.txt => moved successfully
C:\Users\Petra\Downloads\Setup (3).exe => moved successfully
C:\Users\Petra\Downloads\Setup.exe => moved successfully
C:\Users\Petra\Downloads\Setup (2).exe => moved successfully
C:\Users\Petra\Downloads\Setup (1).exe => moved successfully
C:\Users\Petra\Downloads\FRSTLauncher.exe => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-161823599-738129010-2060771426-1000UA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 20:30:27 ====
Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Vyskakující okna, samonačítání stránek po clicknutí do o
Vypadá to v pohodě, Díky mock. Spíš se ještě zeptám: v Zoexu jsme "defaultovali" a vyprazďnovali cache u IE, FF, CHR...ale mám i Operu...bylo to záměrně opomenuto? Je to absencí javy/flashe v prohlížeči?
Přispějete na provoz fóra?