Please check my log. The notebook barely runs because of slowdown.
Thanks in advance for any advice.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:43:54, on 30.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
FIREFOX: 3.6.25 (cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Domov\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4741r305
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... pl=11&qkw=%s&tbid=60040
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.40:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.7.0_11\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.7.0_11\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: wkcalrem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HD Writer AE 1.0.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15088 bytes
Log check
- memphisto
Re: Log check
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- when the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the entire log here.
- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).
If there are problems, run it in Safe Mode.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Log check
# AdwCleaner v4.102 - Report created 30/11/2014 at 11:40:51
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Domov - DOMOV-PC
# Running from : C:\Users\Domov\Downloads\adwcleaner_4.102.exe
# Option : Scan
***** [ Services ] *****
Service Found : vToolbarUpdater18.1.9
***** [ Files / Folders ] *****
File Found : C:\Users\Domov\AppData\Roaming\Mozilla\Firefox\Profiles\9ddnnkuz.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\Domov\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\Domov\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Domov\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Domov\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Domov\AppData\Roaming\Mozilla\Firefox\Profiles\9ddnnkuz.default\Extensions\toolbar@ask.com
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Scheduled Tasks ] *****
Task Found : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A415872-4909-4754-A01E-B03CA0C3021A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\AVG Security Toolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A415872-4909-4754-A01E-B03CA0C3021A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://www.crawler.com/search/dispatche ... pl=11&qkw=%s&tbid=60040
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://isearch.avg.com/tab?cid={AB5885AD-7A40-4F36-99A0-0CB24A7A13F6}&mid=05c666098847bf4e5943747ad234da99-df25df28d2c07143b60d673fbaae445279545c82&lang=cs&ds=AVG&pr=pr&d=2012-01-04 20:55:32&v=9.0.0.23&sap=nt
-\\ Mozilla Firefox v3.6.25 (cs)
[9ddnnkuz.default] - Line Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.3.0.11");
[9ddnnkuz.default] - Line Found : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
[9ddnnkuz.default] - Line Found : user_pref("browser.search.defaultengine", "Ask.com");
[9ddnnkuz.default] - Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
[9ddnnkuz.default] - Line Found : user_pref("browser.search.order.1", "Ask.com");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.cbid", "U3");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.config-updated", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.cr-o", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.crumb", "2012.10.16+10.38.02-toolbar013iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all&gct=bar");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.displaybehavior", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.displaytext", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.dtid", "OSJ000YYCZ");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.first-restart-after-config-update", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.fresh-install", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.guid", "91F64EF2-B9C9-4662-A927-E9D7950A5352");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.if", "upd");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.keyword-toggled-in-session", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.l", "dis");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.last-config-req", "1372010394182");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.locale", "en_EU");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.lstation", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.new-tab-opt-out", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.news-native-on", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.o", "100000027");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.oldVersion", "5.15.23.36191");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.pstate", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.qsrc", "2871");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.r", "20");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.sa", "YES");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.saguid", "0B580868-265C-4E51-AA8F-E12389F4C126");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-first", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-interval", "1200000");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-max-items", "30");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-native-on", true);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-speed", "10000");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.themeid", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.timeinstalled", "1.5.2013 23:08:45");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.to", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.v", "3.15.23.100013");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.version", "5.15.23.36191");
[9ddnnkuz.default] - Line Found : user_pref("extensions.asktb.volume", "");
[9ddnnkuz.default] - Line Found : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024[...]
[9ddnnkuz.default] - Line Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_EU&apn_uid=91F64EF2-B9C9-4662-A927-E9D7950A5352&apn_ptnrs=U3&apn_sauid=0B580868-265C-4E51-AA8F[...]
-\\ Google Chrome v38.0.2125.101
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.crawler.com/search/dispatche ... pl=11&qkw={searchTerms}&tbid=60040
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://isearch.avg.com/search?cid={AB5885AD-7A40-4F36-99A0-0CB24A7A13F6}&mid=05c666098847bf4e5943747ad234da99-df25df28d2c07143b60d673fbaae445279545c82&lang=cs&ds=AVG&pr=pr&d=2012-01-04 20:55:32&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [21848 octets] - [30/11/2014 11:40:51]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21909 octets] ##########
Re: log check
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 30.11.2014
Scan Time: 12:31:04
Logfile: malware.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.30.04
Rootkit Database: v2014.11.29.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Domov
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 333619
Time Elapsed: 1 hr, 3 min, 36 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 18
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-3207455403-1667181425-955226745-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-3207455403-1667181425-955226745-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3207455403-1667181425-955226745-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [a94364ddf389310583489dd2cc379d63],
Registry Values: 3
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-3207455403-1667181425-955226745-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00000000-6E41-4FD3-8538-502F5495E5FC}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, , [00ecd8696517d06668db6799719238c8],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [edffcf72aeceda5ca89b619fbe4548b8],
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.FrostwireTB.A, C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll, , [00ecd8696517d06668db6799719238c8],
Physical Sectors: 0
(No malicious items detected)
(end)
- jaro3
- member of the Security team
Re: log check
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan click "Clean".
The program performs the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool by Thisisu
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.
- Run MbAM again and choose "Scan Now".
- When the program finishes, a prompt will appear; click "Quarantine All (Remove Selected)" and then "Export Log", choose "Text file", give the file a name and save it somewhere. Copy the entire contents of that log here.
Download RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check
# AdwCleaner v4.103 - Report created 01/12/2014 at 17:29:20
# Updated 01/12/2014 by Xplode
# Database : 2014-12-01.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Domov - DOMOV-PC
# Running from : C:\Users\Domov\Downloads\adwcleaner_4.103.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : vToolbarUpdater18.1.9
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Domov\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Domov\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Domov\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Domov\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Domov\AppData\Roaming\Mozilla\Firefox\Profiles\9ddnnkuz.default\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Domov\AppData\Roaming\Mozilla\Firefox\Profiles\9ddnnkuz.default\searchplugins\Askcom.xml
***** [ Scheduled Tasks ] *****
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A415872-4909-4754-A01E-B03CA0C3021A}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v3.6.25 (cs)
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.3.0.11");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.apn_dbr", "ie_9.0.8112.16421");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cbid", "U3");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.config-updated", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cr-o", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.crumb", "2012.10.16+10.38.02-toolbar013iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all&gct=bar");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.displaybehavior", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.displaytext", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dtid", "OSJ000YYCZ");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.fresh-install", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.guid", "91F64EF2-B9C9-4662-A927-E9D7950A5352");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.if", "upd");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.keyword-toggled-in-session", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.l", "dis");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.last-config-req", "1372010394182");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.lstation", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.new-tab-opt-out", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.news-native-on", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.o", "100000027");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.oldVersion", "5.15.23.36191");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.pstate", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.r", "20");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.sa", "YES");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.saguid", "0B580868-265C-4E51-AA8F-E12389F4C126");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-first", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.themeid", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.timeinstalled", "1.5.2013 23:08:45");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.to", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.v", "3.15.23.100013");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.version", "5.15.23.36191");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.volume", "");
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024[...]
[9ddnnkuz.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_EU&apn_uid=91F64EF2-B9C9-4662-A927-E9D7950A5352&apn_ptnrs=U3&apn_sauid=0B580868-265C-4E51-AA8F[...]
-\\ Google Chrome v39.0.2171.71
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.crawler.com/search/dispatche ... pl=11&qkw={searchTerms}&tbid=60040
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={AB5885AD-7A40-4F36-99A0-0CB24A7A13F6}&mid=05c666098847bf4e5943747ad234da99-df25df28d2c07143b60d673fbaae445279545c82&lang=cs&ds=AVG&pr=pr&d=2012-01-04 20:55:32&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
[C:\Users\Domov\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [22166 octets] - [30/11/2014 11:40:51]
AdwCleaner[R1].txt - [22226 octets] - [01/12/2014 17:21:31]
AdwCleaner[S0].txt - [21812 octets] - [01/12/2014 17:29:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21873 octets] ##########
Re: log check
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Domov on po 01.12.2014 at 17:59:45,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-66EEE4D2.pf
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{D87A90B1-5BD7-47E2-9CD8-9FC43DCA2003}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{D919142A-C18C-4A9F-B366-FB2EF86B09CF}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{DBB56E76-B9AA-424A-95CD-13B112AA5F67}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{DCF9ED4F-F17A-4CFD-BBB6-3096380DB661}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{DE7C8C98-BA69-49D8-81DD-39AD9023D4BF}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{E408BB8D-1AF3-456D-AE8A-E17F7DDAEA75}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{E4A128D3-7896-4502-82FB-37D71947CBDA}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{E907551E-6925-4740-9218-E2A4A8AC49CF}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{EC440084-078B-4707-84F7-2D3D1F2841D9}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{EF658798-ED4E-400B-B264-98C60E60A59C}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{F0092A4B-2DDF-4B6B-AC67-C9AB41138EEB}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{F36A6039-7612-4629-AEDB-BC0332EA5C08}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{F5D1AE25-57DF-4E96-8363-D1AAF59D1036}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{F6756067-0C96-4EDD-A276-F0A5A4F018AD}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{FCFD2CC9-C874-4B41-80E0-8F97737D8D5E}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{FD95F12D-25DA-4A44-9DAF-3C5FCE489048}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{FE489599-056C-4991-8B17-61F27F9C1823}
Successfully deleted: [Empty Folder] C:\Users\Domov\appdata\local\{FEDA5BB9-1668-4531-8C2D-5EE82960CAAC}
~~~ FireFox
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml"
Emptied folder: C:\Users\Domov\AppData\Roaming\mozilla\firefox\profiles\9ddnnkuz.default\minidumps [5 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 01.12.2014 at 18:14:58,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- jaro3
- member of the Security team
Re: log check
Run MbAM again and choose Scan Now.
- When the program finishes, a message appears; click "Quarantine All (Remove Selected)", then "Export Log" and choose "text file", give the file a name and save it somewhere. Copy the whole content of that log here.
Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Check MBR
Check Faked
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the whole content of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
Re: log check
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/12/01 18:22:05 +0100</date>
<logfile>mbam-log-2014-12-01 (18-21-24).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.3.1025</version>
<malware-database>v2014.12.01.05</malware-database>
<rootkit-database>v2014.12.01.02</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Domov</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>333396</objects>
<time>2108</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
Re: log check
MbAM found nothing, so I did not move anything to quarantine.
Re: log check
RogueKiller V10.0.8.0 (x64) [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Domov [Práva správce]
Mód : Prohledat -- Datum : 12/01/2014 19:47:36
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 14 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3207455403-1667181425-955226745-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 192.168.2.40:3128 -> Nalezeno
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3207455403-1667181425-955226745-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 192.168.2.40:3128 -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3207455403-1667181425-955226745-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3207455403-1667181425-955226745-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.centrum.cz/ -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D59DA421-CE06-4AA2-89FD-5690823CB9C7} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D59DA421-CE06-4AA2-89FD-5690823CB9C7} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D59DA421-CE06-4AA2-89FD-5690823CB9C7} | DhcpNameServer : 213.46.172.36 213.46.172.37 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 4 ¤¤¤
[Suspicious.Path] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job -- C:\Windows\TEMP\{1CD74825-6490-49D4-BE43-4E933FC8C3FE}.exe (--uninstall=1) -> Nalezeno
[Suspicious.Path] \\AVG-Secure-Search-Update_JUNE2013_TB_rmv -- C:\Windows\TEMP\{1CD74825-6490-49D4-BE43-4E933FC8C3FE}.exe (--uninstall=1) -> Nalezeno
[Suspicious.Path] \\McQcModifier-5c47-a7b0 -- C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd -> Nalezeno
[Suspicious.Path] \Microsoft\Windows\Media Center\PeriodicScanRetry -- %windir%\ehome\MCUpdate.exe (-pscn 0) -> Nalezeno
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 9ddnnkuz.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543225L9A300 +++++
--- User ---
[MBR] ed2316d65a2be7d4076f0b2cf737f8c3
[BSP] e2efbc85a7123ce460e89412671b1ee8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 28674048 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28878848 | Size: 224373 MB
User = LL1 ... OK
User = LL2 ... OK
- jaro3
Re: log check
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click it to run).
- Wait until the Prescan finishes...
- Then click "Prohledat" (Scan); once it finishes:
- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (put check marks)
(you have to put a check mark with the mouse in the small box to the left of the registry entry, etc.)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Turn off your antivirus.
Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until they finish. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support