Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by xXx on út 03.02.2015 at 18:55:02,90.
Running in: Normal Mode Internet Access Detected
Launched: F:\Users\xXx\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
F:\zoek-results2014-10-27-134242.log 1160 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
F:\Program Files\Malwarebytes' Anti-Malware deleted successfully
F:\Program Files\Seznam.cz deleted successfully
F:\PROGRA~2\DAEMON Tools Pro deleted successfully
F:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
F:\Users\xXx\AppData\Roaming\ACEStream deleted successfully
F:\Users\xXx\AppData\Roaming\DAEMON Tools Pro deleted successfully
F:\Users\xXx\AppData\Roaming\Malwarebytes deleted successfully
F:\Users\xXx\AppData\Roaming\Nico Mak Computing deleted successfully
F:\Users\xXx\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{016832E7-83BD-4E52-8822-1C68FA1D390C} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02AE1ECE-AA18-4624-8997-0427ACDAC369} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05AAC366-AAB0-4933-B664-BA90DD0C0FD3} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{075383E6-F901-4558-9189-2EEAC7543AE4} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{09B1FB17-8169-4630-9C7C-0D6A6BBDB958} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C5F57B2-649E-4B22-A161-48FFA8D89C6E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DEC25A8-9101-489D-B86E-A3653BEEDB40} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10EE94DD-F0DC-4986-9673-F1286B823F3} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1164C119-E165-4C06-BF7E-5E57742328DC} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1686491C-A7A0-4DF9-A811-DEF903C55F0A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17B45D2C-D39F-4379-904A-A56BD25FB777} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17D71F03-309B-49E4-8E66-90017F54B202} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A453669-19F9-4004-B5FB-88AA718584} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BB92C12-B7F2-481A-85FA-B02E02426754} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1de6689e-37ff-4872-bb88-0c3c125025de} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E817C71-B636-43A1-A1C8-A5626175DA1B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ED7528C-8B17-4F27-BCAE-EB871E14100D} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20d3868c-edfe-4933-9484-a547b68d0a3a} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20FB27F0-5640-4967-BA0B-26E6AE23C9B0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22C7943C-D968-43DC-9C9E-FA22C8492A9C} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22CD9883-33A1-4D6A-8FA7-39515816C35A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27742251-5A41-4FA5-B99E-F722D035C56A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27bcfc15-720d-4cfc-a0c1-c430debcd384} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{293232C8-8E33-4423-A537-327A69F1DFF1} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29566500-2085-46D9-9C27-65D10667EABA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B66D48C-69B9-4C6A-96D5-4F99CE98DFA6} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BA5D68C-2AF4-469A-90E0-F4F3FB16E8B0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C4ED33C-FBA7-4773-9087-BC9819454B8A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DBD8805-79D7-45E1-B261-0771EDA58D2F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DF5CC71-D394-42B5-9DF8-331369DF90EB} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31057A24-4E78-4E9E-8AB7-E75BC9955B1} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33B6EFC4-672F-4BFD-B559-7386EA4D7A0D} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38445101-6C28-41C9-9298-CBC4B30FC45E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38DD8B4F-2F7C-4134-A4BD-677C743016F8} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3973C384-8953-47ED-BFB6-6FF0961436C6} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EEB3843-83A9-460D-91C7-81CF2FCB595F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F3831A3-70C8-4D27-97F1-A2A133B218} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{403D990E-1AF0-416C-9AA0-F2DFB08499EB} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40848D46-BA14-4094-B567-6601D5720188} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{434D5E09-6F41-4D91-8FBB-F4C5B1E6ACE7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{442CA71C-7903-49D8-A7F0-A33A1A0E65AA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4534D4FA-1EB4-4BD6-90F8-28F8D277316} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46B509E0-5617-4DA5-A6A9-EF0FEB69C68F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48F9255B-2C69-4310-898A-4D179B5C32DC} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BFEF461-171C-4BBE-94F3-BE16DAF29D70} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E4E7F3-110A-4BC4-B73F-F5E81C41E95E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F8D86E4-5F76-4854-AC6A-3C27383318FA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FAEC376-BE52-4487-B279-C46B45A1C472} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5290E6B6-427E-4A96-B27-1AC3C0A0C89B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563FB877-0EF3-4255-A5BA-01702AC690FD} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{574631E6-0FC5-4F83-9C09-50EAE08D15AD} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{581E08C6-C166-4150-AEE3-2B3520AB0EEE} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5876A8EB-06E9-43C1-9DEA-454EC5DF4E40} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{595751F7-828B-47B5-99C5-96377CA7E885} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59E3197F-49D5-47CE-B37A-315C97B22A92} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B2F94E0-D8C5-4553-995A-EDF62508BA21} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B5815BA-01BE-424A-9989-5FD5CB4BB731} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B80D2BC-479B-487C-8C95-809CC5692D7B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BA035F4-F1A4-4CDE-BB12-C9A9325D9B60} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D570E7D-4F1A-451A-BDD1-05455BC8177F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D724A8B-98E8-482F-8514-38372072B42A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DEDC251-6391-4E27-8F49-CF5306F8104F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DF897D2-DF5F-4388-AABD-D4870474194B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EC28522-E423-4A3E-B6AB-7B8888E68C1A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60B5948E-B44C-4C44-98EF-89E72A94071C} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6213ADCB-E48E-482B-B8FC-CD7E27A5FB97} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6271E9B1-8BDC-496C-9D8F-7688117F59BE} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65389BD4-F33A-44DE-A4F8-4BC7F0E01724} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65C3E6EF-921B-48AC-9186-C69D9FEC3CA3} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6668C581-DD0-482C-84F6-76ECC05D1225} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66F80107-9149-4A53-8B47-52E8BD650EB9} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{680A397A-D2C3-42F5-8E86-736BB5D3427A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68D937B2-DE7A-489C-84CD-A37F79D746FA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{690B4C2E-FDFD-43FB-92ED-DBD83A6EB8AD} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A18455D-E32E-4233-8DDE-24C38B6BED5C} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C72B85A-9071-49C2-A583-01AD69D16707} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C75205D-390C-4656-8A15-471C5A88133F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D129C52-1D97-41F8-A5D9-560C5F94EBAA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EF0E912-93F9-424B-A027-603ED4432BF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F616F83-F11-42E1-BD47-268FCFFF6B70} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FD76929-A96A-479F-BD1D-2B4B4AD9BAA0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7229A912-C981-40BB-9AA0-B2E941D25913} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73809816-8306-4921-B7E3-294B75CBD7C7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73876D1F-D899-4E96-BBC0-287F2F1572BD} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74099CBB-4842-43E0-8CA8-24E9FCAEA439} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75953145-1FA2-429B-B8F7-755810C60E8E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7706AC05-B890-4BC0-9706-7012EDD9CD94} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AA86223-5D74-4333-B892-54C9A59DC60} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BCC271E-4935-46D9-9D4D-EA19892BB093} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC75F47-C2FE-4F15-9865-77F5F7E19D6E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D8D8E4E-7273-404F-9BA7-8ED905D5394F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DBAA6A9-FEB1-46A4-BFA3-C67866A588B1} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DDF2134-FCCD-4365-8627-2F6F6EA2C86E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FDC3E31-DCA1-4105-A73B-AC93A6D41522} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8203B991-2125-4B32-AE3F-1D71C9738B94} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83D1334D-856B-430A-93CC-997853F6F9F7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84D2FADD-9560-432F-B8FB-702DD961F77B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8751CE56-D770-4663-9676-4FF64C181AF1} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87CB0EC7-CD7D-4749-949C-FC18D727C8DF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{890876D5-9201-46C8-B541-CDE303B6254E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89AC31B6-C30B-4068-BB75-E3E4C0009330} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A385E59-688B-471A-BBC9-5EBA39313B91} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D11774B-2811-464C-A1F9-41A6662665A4} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D6F3582-8901-489A-897C-0597918643EB} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DCB179C-AD29-47A8-9E30-C1649EBCB7CC} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F35EFAC-0A3D-4EE5-B980-D144C7FDB411} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90EFD564-5D68-4EBA-872C-0CD82BE1DE0E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9105DAE5-DE8D-4E9C-8FA4-2FA633D6E60F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92DD72BD-9A18-43CB-830A-4FD9235DF452} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DA7D5C-C029-4849-9A96-E08B29BC85A0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95AA170B-4590-41CF-8003-70B8988CF6D4} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96A4258E-0BBD-427D-95DD-B6EF7FC7D75E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EAC5D22-D2A9-46EC-83EE-919D54D47EC1} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0AEBB31-3D8F-482A-B338-4D01AC9B4490} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A45B2F32-976A-41B7-907B-E80601B2947D} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A782B565-9A8A-4740-8B94-006CC7AD679D} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7F97451-EA7B-498C-9613-7184EA0D3F27} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A99BAAD0-D18F-47F4-9A9D-EC9ABDFF6EF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA0AE5D9-AEAE-426A-8E3D-F943BEEE019} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA510003-A4FD-47F8-A84E-1A5669519FEA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD0FCDE-EEB3-46CD-95C0-DC3A02EBF6A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aaea3022-7bcd-42ec-83a4-b0e64a198145} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B10C6A75-0DE7-4D88-8474-CA3EC5B6D1D2} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1615EFD-87E4-4FB3-ADC4-A4531B7D4E35} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2519EAF-C4C1-4B7C-A5CB-E55A1ABFF409} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2EF823A-8791-4169-A139-7C65133A338F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B40D56DE-87C2-4D77-B9B6-103CCE44D75D} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B49CF92A-7B6-4A21-B71E-9E9AE31AAEA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5C0ED61-D914-406B-8CDF-D89667252234} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B62BA554-E44A-467F-AB5E-4F93E6AC67EF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6BF99DD-5D9B-4517-A7AF-3E6C10B5D72} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7253D6-6749-40AE-80B-E459DA8B2457} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCC9A64E-8B6D-4E85-97F2-587D2D8DDB2B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEFB39E8-C111-4668-88B7-AAAC023BDCBB} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF0F0448-7FC9-4ECF-8B26-5945D7B475C5} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C14974ED-FA1C-4984-AB24-D64E0318E9FA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C16EF545-5518-4317-968A-CB28D939DCB7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1A34C80-ACFC-4BED-9F4D-FB9EC5763E9B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C62AAB8C-2EFB-43C0-980C-E9AE4A24FB16} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C66682AD-DD64-4AD6-9BC-19294522963} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7C8EBB3-EC4A-40B8-ABFD-8629A3BBADB} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C83F3F28-E1D4-4D8E-A1D6-AC9D4E98F99A} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C858EB83-5EAB-4B3E-97E4-71567D47F840} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9A2382B-3FF8-467B-892C-F8014915C3C7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB055806-14F6-4D07-9C57-8842C01AAE16} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB2CE5FC-1BA7-4841-A4E7-CEAB6EEB2B91} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBA53BC6-47AC-4833-9E36-6EBB8D01C086} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF5DAEBF-E236-4190-8FF0-C821F2990DE2} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFFD9629-4546-42B8-8442-1DFDDEF92BFF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D10FAF54-7801-4EA8-9398-8084B5E8ADD0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D21A30EA-4B3A-4C67-9960-81495D475CD0} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2C2FBEC-6A04-433F-A41F-E122032BA6E2} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6A8300D-F6BA-4F20-AA30-1ACA8BCBE333} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D709D268-8B13-465E-AA2C-D9D096249E68} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D84C02B8-2006-4158-9A10-EDAFF63B0C45} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9DD2B41-9131-4416-A738-89CEB34B1025} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD8170B8-A69D-4943-9451-F48D765E638F} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE731CE8-F4BB-4BE4-8A85-23EF15776BBF} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1C5BC5E-0FC6-4ED5-A848-C911A0BC7391} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6CF5C81-A5AC-4D71-89C3-E5E6E2779BE6} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E71DC8C9-B16F-4862-B817-D2BA56ED72D6} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8433A45-8C46-46F8-95FC-37CA50E940B2} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9F6DDE1-E4F2-4233-8E6B-A6E04694EE96} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB0EFA95-5FD8-451E-9E4D-693C3793816B} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED625158-46CF-4443-8D29-074B408FB5F4} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF041C90-A727-4C2E-9BF-DB225126D09} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF105476-2D9C-4DB6-8A49-3DB5D0949271} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFE1A262-47DF-4EA6-93E9-F5BC25EA4109} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F106B084-8029-4308-9F18-47765FD91E56} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2B75EA4-8D90-4D12-AB33-F5903A2A4BCA} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F454D25C-E25B-4BC2-ADAA-83543E4965E2} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6B4CD8C-6BA1-4021-86B1-2BFA98E4BBD7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F757ED6B-E28E-4F31-9B62-1ECCAB22B20E} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9239EE8-9BFD-43E4-8FBC-A90FBA3ADE7C} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB2BC573-BF81-4CC6-A9AF-3167514F8F77} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBCA4173-C8FC-43BC-9A43-B5EF6B5D7743} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC998B30-80F9-4AF6-B457-AD01D3D1CDA7} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD29CDEC-1718-40CF-B65B-6A41F06E0005} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE885DEC-322F-4440-B9B6-C00F611999E0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1de6689e-37ff-4872-bb88-0c3c125025de} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20d3868c-edfe-4933-9484-a547b68d0a3a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27bcfc15-720d-4cfc-a0c1-c430debcd384} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aaea3022-7bcd-42ec-83a4-b0e64a198145} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411591160} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{93DBF2BB-A2B3-4683-A92E-57E60751F346} deleted successfully
HKEY_USERS\S-1-5-21-4180440179-413253161-2612144775-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.search.defaultenginename,S", "");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.order.1", "");
user_pref("browser.search.order.1,S", "");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);
Added to F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\x0o2ntcq.default\prefs.js:
Added to F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\x0o2ntcq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
F:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
F:\Users\xXx\.android deleted
F:\Program Files\Warner Bros. Interactive Entertainment deleted
F:\Users\xXx\AppData\Roaming\BitLord deleted
F:\PROGRA~2\boost_interprocess deleted
F:\PROGRA~2\InstallMate deleted
F:\Windows\system32\GroupPolicy\Machine deleted
F:\Windows\system32\GroupPolicy\User deleted
F:\Windows\system32\GroupPolicy\gpt.ini deleted
F:\Windows\System32\searchplugins deleted
F:\Windows\System32\Extensions deleted
F:\Users\xXx\Documents\BitLord deleted
F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\Invalidprefs.js deleted
F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\jetpack deleted
F:\Users\xXx\Desktop\SRDownloader.exe deleted
F:\Users\xXx\AppData\Roaming\DTPro4100218Advanced.exe deleted
"F:\Users\xXx\AppData\Roaming\chrtmp" deleted
==== Firefox Start and Search pages ======================
ProfilePath: F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\x0o2ntcq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default
- Undetermined - magicplayer@acestream.org
AppDir: F:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: F:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default
343BA8F3ABC8CE69700F37DB4A82300F - f:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll - Silverlight Plug-In
E7006BB5611298DBDD03FE3519C19AC2 - F:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - F:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
65C1D9F74004E775F9A8598476ABE5EE - F:\Users\xXx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
0CA4180B21C6B728578F3B0433BB740E - F:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
A30C10E0C3542B7A87FF7D2DFF4C9294 - F:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
3118619EBBA4257109A3FBEE807790F4 - F:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
58188C5118A9A7F24819B955F69AE82C - F:\Users\xXx\AppData\Local\Roblox\Versions\version-5d9b22aa9d594ee1\NPRobloxProxy.dll - Roblox Launcher Plugin
AB3546B509E4B89096078EB2081C39C7 - f:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrlui.dll - Microsoft® Silverlight
5A2FA2C44E8D76A8B5CD8A2D9B474F2A - F:\Users\xXx\AppData\Local\Roblox\Versions\version-5d9b22aa9d594ee1\NPRobloxProxy64.dll - Roblox Launcher Plugin
==== Fake Chromium Profiles Check ======================
Fake profile F:\Users\xXx\AppData\Local\Google\Chrome SxS deleted
==== Chromium Look ======================
Google Chrome Version: 37.0.2062.120 (Possible outdated, latest Stable version: 40.0.2214.94)
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Start Page Before"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Start Page Before"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{C358981A-BAF7-4EA7-A441-F8B141DB2093} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194"
==== Reset Google Chrome ======================
F:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
F:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D96DD75-A036-7E59-9DFB-B4E995F22015} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52717FA2-2DCA-2598-BAF2-CEBE405C1ACE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce deleted successfully
==== Empty IE Cache ======================
F:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
F:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
F:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
F:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
F:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
F:\Users\xXx\AppData\Local\Mozilla\Firefox\Profiles\pm06ttbe.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
F:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== F:\zoek_backup content ======================
F:\zoek_backup (files=122 folders=26 4049427692 bytes)
==== Empty Temp Folders ======================
F:\Users\Default\AppData\Local\temp emptied successfully
F:\Users\Default User\AppData\Local\temp emptied successfully
F:\Users\xXx\AppData\Local\temp will be emptied at reboot
F:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
F:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
F:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
F:\Windows\Temp successfully emptied
F:\Users\xXx\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
F:\$RECYCLE.BIN successfully emptied
==== EOF on Łt 03.02.2015 at 20:01:47,28 ======================
please check my log, thanks
- Yelkinson
- Level 3
- Posts: 582
- Registered: November 07
- Location: Plzen
- Gender:
- Status:
Offline
- Contact:
Re: please check my log, thanks
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:39, on 31.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
F:\Windows\system32\Dwm.exe
F:\Windows\explorer.exe
F:\Windows\system32\DllHost.exe
F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - F:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: DokanMounter - Unknown owner - F:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - F:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - F:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 2639 bytes
- Yelkinson
Re: please check my log, thanks
So I don't know, the PC looks fine, but I still can't install Flash Player; only the window "Adobe Flash Player application installation service" stays open and nothing happens. And when I run CCleaner, in the first window nothing happens even after 5 minutes, it just looks like it is loading but nothing happens, while the second window, "Registry", can be scanned and cleaned normally. So I don't know.
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: please check my log, thanks
Uninstall it with this:
http://helpx.adobe.com/flash-player/kb/ ... ndows.html
install:
http://get.adobe.com/cz/flashplayer/
uncheck the box: Yes Yes, set Google Chrome as the default browser.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Yelkinson
Re: please check my log, thanks
So I have Flash installed now, but I got it from here http://www.adobe.com/cz/products/flashp ... tion3.html and not from the page you wrote. It didn't work from your page, so I found this one on the net. And CCleaner is still the same; I uninstalled it completely and installed the newest version and it's still the same :/ so I don't know. Otherwise the PC looks OK, thanks for now.
Oh, and I also noticed that when I launch it (double-click on the icon), CCleaner.exe shows up twice in Task Manager, so maybe that's the cause? :/
- jaro3
Re: please check my log, thanks
Do you have a faulty mouse?
Download CrystalDiskInfo
Run the program and click Edit-Copy. Then paste the log contents here with Ctrl+V.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: After running ComboFix and restarting the computer, it may happen that Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
- Yelkinson
Re: please check my log, thanks
The mouse should be OK, or at least I don't know what would be wrong with it, but it's true that the cursor occasionally freezes on me, though that's about once a month. My mouse is a Gigabit M6900.
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x86)
Date : 2015/02/05 0:03:36
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- WDC WD5001AALS-00L3B2 ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
+ ATA Channel 0 (0)
- Jednotka CD-ROM
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD5001AALS-00L3B2 : 500,1 GB [0/3/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD5001AALS-00L3B2
----------------------------------------------------------------------------
Model : WDC WD5001AALS-00L3B2
Firmware : 01.03B01
Serial Number : WD-WCASY6311334
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 19638 hod.
Power On Count : 2804 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 161 159 _21 000000001356 Čas na roztočení ploten
04 _98 _98 __0 000000000B2C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _74 _74 __0 000000004CB6 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000AF4 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000004D Počet vypnutí disku
C1 200 200 __0 000000000B2C Počet cyklů načítání/vymazání
C2 111 _94 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5936 3331 3133 3334
020: 0000 FFFF 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3530 3031 4141 4C53 2D30 304C 3342 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 207F 0039
090: 0039 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 0312 E332 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 91A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A1 9F 56 13 00 00 00 00 00 04 32 00 62 62 2C
020: 0B 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 4A 4A B6 4C 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 F4 0A 00 00 00 00 00 C0 32
070: 00 C8 C8 4D 00 00 00 00 00 00 C1 32 00 C8 C8 2C
080: 0B 00 00 00 00 00 C2 22 00 6F 5E 24 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 98 2B 01 7B
170: 03 00 01 00 02 83 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C4
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x86)
Date : 2015/02/05 0:03:36
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- WDC WD5001AALS-00L3B2 ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
+ ATA Channel 0 (0)
- Jednotka CD-ROM
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD5001AALS-00L3B2 : 500,1 GB [0/3/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD5001AALS-00L3B2
----------------------------------------------------------------------------
Model : WDC WD5001AALS-00L3B2
Firmware : 01.03B01
Serial Number : WD-WCASY6311334
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 19638 hod.
Power On Count : 2804 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 161 159 _21 000000001356 Čas na roztočení ploten
04 _98 _98 __0 000000000B2C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _74 _74 __0 000000004CB6 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000AF4 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000004D Počet vypnutí disku
C1 200 200 __0 000000000B2C Počet cyklů načítání/vymazání
C2 111 _94 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
-- SMART_READ_DATA ---------------------------------------------------------
-- SMART_READ_THRESHOLD ----------------------------------------------------
- Yelkinson
- Level 3
- Posts: 582
- Registered: November 07
- Location: Plzen
- Status: Offline
Re: please check my log, thanks
ComboFix 15-02-02.01 - xXx 05.02.2015 0:10.2.2 - x86
Spuštěný z: f:\users\xXx\Desktop\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-04 do 2015-02-04 )))))))))))))))))))))))))))))))
.
.
2015-02-03 18:14 . 2015-02-03 17:55 24064 ----a-w- f:\windows\zoek-delete.exe
2015-02-02 17:48 . 2015-02-03 17:41 35064 ----a-w- f:\windows\system32\drivers\TrueSight.sys
2015-02-02 17:48 . 2015-02-02 17:48 -------- d-----w- f:\programdata\RogueKiller
2015-01-31 19:15 . 2015-01-31 19:15 388096 ----a-r- f:\users\xXx\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2015-01-31 19:15 . 2015-01-31 19:15 -------- d-----w- f:\program files\Trend Micro
2015-01-31 18:38 . 2015-01-31 18:38 -------- d-----w- f:\program files\Mozilla Maintenance Service
2015-01-31 18:38 . 2015-01-23 12:16 923208 ----a-w- f:\program files\Mozilla Firefox\uninstall\helper.exe
2015-01-31 18:38 . 2015-01-23 12:15 73840 ----a-w- f:\program files\Mozilla Firefox\wow_helper.exe
2015-01-31 18:38 . 2015-01-23 10:38 49776 ----a-w- f:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2015-01-31 18:38 . 2015-01-23 10:37 220784 ----a-w- f:\program files\Mozilla Firefox\sandboxbroker.dll
2015-01-25 04:51 . 2014-12-02 11:01 9054624 ----a-w- f:\programdata\Microsoft\Windows Defender\Definition Updates\{2AD5A0F9-C905-4906-A11D-EEC71F5DF13E}\mpengine.dll
2015-01-15 14:42 . 2014-12-11 17:47 56320 ----a-w- f:\windows\system32\TSWbPrxy.exe
2015-01-14 18:55 . 2015-01-14 19:26 -------- d-----w- f:\windows\system32\MpEngineStore
2015-01-14 18:54 . 2015-01-14 18:54 -------- d-----w- F:\c7023ae5719bcc55131e9dec26fd1ff3
2015-01-14 11:24 . 2014-12-12 05:11 3971512 ----a-w- f:\windows\system32\ntkrnlpa.exe
2015-01-14 11:24 . 2014-12-12 05:11 3916728 ----a-w- f:\windows\system32\ntoskrnl.exe
2015-01-14 11:24 . 2014-12-19 02:43 164864 ----a-w- f:\windows\system32\profsvc.dll
2015-01-14 11:24 . 2014-12-06 03:50 242688 ----a-w- f:\windows\system32\nlasvc.dll
2015-01-14 11:24 . 2014-12-19 01:34 116224 ----a-w- f:\windows\system32\drivers\mrxdav.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-02 17:36 . 2014-06-25 19:37 114904 ----a-w- f:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-13 03:33 . 2014-12-18 11:53 115712 ----a-w- f:\windows\system32\ieUnatt.exe
2014-11-22 02:20 . 2014-12-09 19:57 2724864 ----a-w- f:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-09 19:58 4096 ----a-w- f:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-09 19:58 501248 ----a-w- f:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-09 19:57 62464 ----a-w- f:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-09 19:58 47616 ----a-w- f:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-09 19:58 64000 ----a-w- f:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-09 19:58 102912 ----a-w- f:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-09 19:58 620032 ----a-w- f:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-09 19:58 667648 ----a-w- f:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-09 19:58 60416 ----a-w- f:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-09 19:57 4299264 ----a-w- f:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-09 19:57 2052096 ----a-w- f:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-09 19:58 1155072 ----a-w- f:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-09 19:58 1888256 ----a-w- f:\windows\system32\wininet.dll
2014-11-21 05:14 . 2014-06-25 19:36 51928 ----a-w- f:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-25 19:36 75480 ----a-w- f:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2013-08-21 20:37 23256 ----a-w- f:\windows\system32\drivers\mbam.sys
2014-11-17 13:05 . 2014-08-16 07:34 96680 ----a-w- f:\windows\system32\WindowsAccessBridge.dll
2014-11-11 02:44 . 2014-12-09 19:58 1230336 ----a-w- f:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 12:22 186880 ----a-w- f:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 12:22 550912 ----a-w- f:\windows\system32\kerberos.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7601.17514] . . f:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . f:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . f:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="f:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\F:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=f:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=f:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-10-28 08:29 3675352 ----a-w- f:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2013-12-10 02:15 2279712 ----a-w- f:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-11-08 20:46 1028384 ----a-w- f:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
2013-12-10 02:13 982232 ----a-w- f:\windows\System32\nvspcap.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-10-07 14:39 507776 ----a-w- f:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-02-06 22:50 905296 ----a-w- f:\users\xXx\AppData\Roaming\uTorrent\uTorrent.exe
.
R0 mv61xx;mv61xx;f:\windows\system32\DRIVERS\mv61xx.sys [x]
R2 5d55f49c;SW-Sustainer;f:\windows\system32\rundll32.exe [2009-07-14 44544]
R2 AsSysCtrlService;ASUS System Control Service;f:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 DokanMounter;DokanMounter;f:\program files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R3 DFX11_1;DFX Audio Enhancer 11.1;f:\windows\system32\drivers\dfx11_1.sys [2012-08-30 24424]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;f:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);f:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;f:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;f:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;f:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VGPU;VGPU;f:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;f:\windows\system32\Wat\WatAdminSvc.exe [2012-12-29 1343400]
R3 WinRing0_1_2_0;WinRing0_1_2_0;f:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]
S0 mrdd;Marvell Removable Disk Control Driver;f:\windows\system32\DRIVERS\mrdd.sys [2008-11-12 18984]
S0 sptd;sptd;f:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;f:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-26 243128]
S2 Dokan;Dokan;f:\windows\system32\drivers\dokan.sys [2011-01-10 95744]
S2 MBAMScheduler;MBAMScheduler;f:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S2 NvNetworkService;NVIDIA Network Service;f:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;f:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;f:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S3 LgBttPort;LGE Bluetooth TransPort;f:\windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 lgbusenum;LG Bluetooth Bus Enumerator;f:\windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S3 LGVMODEM;LGE Virtual Modem;f:\windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 tsusbhub;Remote Deskotop USB Hub;f:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-11 16:15 1096520 ----a-w- f:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-04 f:\windows\Tasks\Adobe Flash Player Updater.job
- f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 21:25]
.
2015-02-04 f:\windows\Tasks\PC-Mechanic Maintenance.job
- f:\program files\Uniblue\PC-Mechanic\pc-mechanic.exe [2015-02-04 11:19]
.
2015-02-04 f:\windows\Tasks\PC-Mechanic Startup.job
- f:\program files\Uniblue\PC-Mechanic\pc-mechanic.exe [2015-02-04 11:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - f:\users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-02-05 00:22:55
ComboFix-quarantined-files.txt 2015-02-04 23:22
ComboFix2.txt 2014-10-27 13:33
.
Před spuštěním: Volných bajtů: 325 463 744 512
Po spuštění: Volných bajtů: 325 426 700 288
.
- - End Of File - - 6E6EAD9C338BCB9ABC09C1E7D67D128F
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Status: Offline
Re: please check my log, thanks
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Download SystemLook from one of the links
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe
SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
a ulož si ho na plochu.
Poklepej na stažený SystemLook , zkopíruj do hlavního text. okna tento následující text:
Klikni na Look ke startu skenu. Když program skončí objeví se v poznámkovém bloku zpráva skenu. Zkopíruj sem celý jeho obsah. Log se také nachází na ploše pod názvem SystemLook.txt.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
ClearJavaCache::
KillAll::
Driver::
5d55f49c
SW-Sustainer
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Download SystemLook from one of these links
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe
SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
and save it to the desktop.
Double-click the downloaded SystemLook and copy the following text into the main text window:
Code:
:filefind
assistantsvc.dll.*
Click Look to start the scan. When the program finishes, the scan report will open in Notepad. Copy its entire contents here. The log is also saved on the desktop as SystemLook.txt.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Yelkinson
Re: please check my log, thanks
ComboFix 15-02-02.01 - xXx 07.02.2015 18:46:34.3.2 - x86
Spuštěný z: f:\users\xXx\Desktop\ComboFix.exe
Použité ovládací přepínače :: f:\users\xXx\Desktop\CFScript.txt
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_5d55f49c
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-07 do 2015-02-07 )))))))))))))))))))))))))))))))
.
.
2015-02-07 17:54 . 2015-02-07 17:54 -------- d-----w- f:\users\Public\AppData\Local\temp
2015-02-07 17:54 . 2015-02-07 17:54 -------- d-----w- f:\users\HomeGroupUser$\AppData\Local\temp
2015-02-07 17:54 . 2015-02-07 17:54 -------- d-----w- f:\users\Guest\AppData\Local\temp
2015-02-07 17:54 . 2015-02-07 17:54 -------- d-----w- f:\users\Default\AppData\Local\temp
2015-02-07 17:54 . 2015-02-07 17:54 -------- d-----w- f:\users\Administrator\AppData\Local\temp
2015-02-07 03:51 . 2015-02-07 03:51 62576 ----a-w- f:\programdata\Microsoft\Windows Defender\Definition Updates\{2AD5A0F9-C905-4906-A11D-EEC71F5DF13E}\offreg.dll
2015-02-06 13:19 . 2015-02-06 18:57 -------- d-----w- f:\users\xXx\AppData\Local\CrashDumps
2015-02-04 23:03 . 2015-02-04 23:03 -------- d-----w- f:\users\xXx\AppData\Roaming\Uniblue
2015-02-04 23:03 . 2015-02-04 23:03 -------- d-----w- f:\program files\Uniblue
2015-02-04 23:02 . 2015-02-04 23:02 -------- d-----w- f:\users\xXx\AppData\Roaming\OpenCandy
2015-02-04 23:02 . 2015-02-04 23:02 -------- d-----w- f:\program files\CrystalDiskInfo
2015-02-04 20:38 . 2015-02-04 20:38 -------- d-----w- f:\program files\CCleaner
2015-02-04 20:28 . 2015-02-04 21:25 71344 ----a-w- f:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-04 20:28 . 2015-02-04 21:25 701616 ----a-w- f:\windows\system32\FlashPlayerApp.exe
2015-02-04 20:14 . 2015-02-04 20:14 -------- d-sh--w- f:\users\xXx\AppData\Local\EmieBrowserModeList
2015-02-03 19:26 . 2015-02-04 20:25 -------- d-----w- f:\users\xXx\AppData\Local\Adobe
2015-02-03 18:14 . 2015-02-07 17:56 -------- d-----w- f:\users\xXx\AppData\Local\Temp
2015-02-03 18:14 . 2015-02-03 17:55 24064 ----a-w- f:\windows\zoek-delete.exe
2015-02-02 17:48 . 2015-02-03 17:41 35064 ----a-w- f:\windows\system32\drivers\TrueSight.sys
2015-02-02 17:48 . 2015-02-02 17:48 -------- d-----w- f:\programdata\RogueKiller
2015-01-31 19:15 . 2015-01-31 19:15 388096 ----a-r- f:\users\xXx\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2015-01-31 19:15 . 2015-01-31 19:15 -------- d-----w- f:\program files\Trend Micro
2015-01-31 18:38 . 2015-01-31 18:38 -------- d-----w- f:\program files\Mozilla Maintenance Service
2015-01-31 18:38 . 2015-01-23 12:16 923208 ----a-w- f:\program files\Mozilla Firefox\uninstall\helper.exe
2015-01-31 18:38 . 2015-01-23 12:15 73840 ----a-w- f:\program files\Mozilla Firefox\wow_helper.exe
2015-01-31 18:38 . 2015-01-23 10:38 49776 ----a-w- f:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2015-01-31 18:38 . 2015-01-23 10:37 220784 ----a-w- f:\program files\Mozilla Firefox\sandboxbroker.dll
2015-01-25 04:51 . 2014-12-02 11:01 9054624 ----a-w- f:\programdata\Microsoft\Windows Defender\Definition Updates\{2AD5A0F9-C905-4906-A11D-EEC71F5DF13E}\mpengine.dll
2015-01-15 14:42 . 2014-12-11 17:47 56320 ----a-w- f:\windows\system32\TSWbPrxy.exe
2015-01-14 18:55 . 2015-01-14 19:26 -------- d-----w- f:\windows\system32\MpEngineStore
2015-01-14 18:54 . 2015-01-14 18:54 -------- d-----w- F:\c7023ae5719bcc55131e9dec26fd1ff3
2015-01-14 11:24 . 2014-12-12 05:11 3971512 ----a-w- f:\windows\system32\ntkrnlpa.exe
2015-01-14 11:24 . 2014-12-12 05:11 3916728 ----a-w- f:\windows\system32\ntoskrnl.exe
2015-01-14 11:24 . 2014-12-19 02:43 164864 ----a-w- f:\windows\system32\profsvc.dll
2015-01-14 11:24 . 2014-12-06 03:50 242688 ----a-w- f:\windows\system32\nlasvc.dll
2015-01-14 11:24 . 2014-12-19 01:34 116224 ----a-w- f:\windows\system32\drivers\mrxdav.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-02 17:36 . 2014-06-25 19:37 114904 ----a-w- f:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-13 03:33 . 2014-12-18 11:53 115712 ----a-w- f:\windows\system32\ieUnatt.exe
2014-11-22 02:20 . 2014-12-09 19:57 2724864 ----a-w- f:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-09 19:58 4096 ----a-w- f:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-09 19:58 501248 ----a-w- f:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-09 19:57 62464 ----a-w- f:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-09 19:58 47616 ----a-w- f:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-09 19:58 64000 ----a-w- f:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-09 19:58 102912 ----a-w- f:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-09 19:58 620032 ----a-w- f:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-09 19:58 667648 ----a-w- f:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-09 19:58 60416 ----a-w- f:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-09 19:57 4299264 ----a-w- f:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-09 19:57 2052096 ----a-w- f:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-09 19:58 1155072 ----a-w- f:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-09 19:58 1888256 ----a-w- f:\windows\system32\wininet.dll
2014-11-21 05:14 . 2014-06-25 19:36 51928 ----a-w- f:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-25 19:36 75480 ----a-w- f:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2013-08-21 20:37 23256 ----a-w- f:\windows\system32\drivers\mbam.sys
2014-11-17 13:05 . 2014-08-16 07:34 96680 ----a-w- f:\windows\system32\WindowsAccessBridge.dll
2014-11-11 02:44 . 2014-12-09 19:58 1230336 ----a-w- f:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 12:22 186880 ----a-w- f:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 12:22 550912 ----a-w- f:\windows\system32\kerberos.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7601.17514] . . f:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . f:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . f:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="f:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\F:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=f:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=f:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-10-28 08:29 3675352 ----a-w- f:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2013-12-10 02:15 2279712 ----a-w- f:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-11-08 20:46 1028384 ----a-w- f:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
2013-12-10 02:13 982232 ----a-w- f:\windows\System32\nvspcap.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-10-07 14:39 507776 ----a-w- f:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-02-06 22:50 905296 ----a-w- f:\users\xXx\AppData\Roaming\uTorrent\uTorrent.exe
.
R0 mv61xx;mv61xx;f:\windows\system32\DRIVERS\mv61xx.sys [x]
R3 DFX11_1;DFX Audio Enhancer 11.1;f:\windows\system32\drivers\dfx11_1.sys [2012-08-30 24424]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;f:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);f:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;f:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;f:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;f:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VGPU;VGPU;f:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;f:\windows\system32\Wat\WatAdminSvc.exe [2012-12-29 1343400]
R3 WinRing0_1_2_0;WinRing0_1_2_0;f:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]
S0 mrdd;Marvell Removable Disk Control Driver;f:\windows\system32\DRIVERS\mrdd.sys [2008-11-12 18984]
S0 sptd;sptd;f:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;f:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-26 243128]
S2 AsSysCtrlService;ASUS System Control Service;f:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
S2 Dokan;Dokan;f:\windows\system32\drivers\dokan.sys [2011-01-10 95744]
S2 DokanMounter;DokanMounter;f:\program files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
S2 MBAMScheduler;MBAMScheduler;f:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S2 NvNetworkService;NVIDIA Network Service;f:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;f:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;f:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S3 LgBttPort;LGE Bluetooth TransPort;f:\windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 lgbusenum;LG Bluetooth Bus Enumerator;f:\windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S3 LGVMODEM;LGE Virtual Modem;f:\windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 tsusbhub;Remote Deskotop USB Hub;f:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-11 16:15 1096520 ----a-w- f:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-07 f:\windows\Tasks\Adobe Flash Player Updater.job
- f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 21:25]
.
2015-02-07 f:\windows\Tasks\PC-Mechanic Maintenance.job
- f:\program files\Uniblue\PC-Mechanic\pc-mechanic.exe [2015-02-04 11:19]
.
2015-02-07 f:\windows\Tasks\PC-Mechanic Startup.job
- f:\program files\Uniblue\PC-Mechanic\pc-mechanic.exe [2015-02-04 11:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - f:\users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\pm06ttbe.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
------------------------ Jiné spuštené procesy ------------------------
.
f:\windows\system32\nvvsvc.exe
f:\windows\system32\AUDIODG.EXE
f:\program files\NVIDIA Corporation\Display\nvxdsync.exe
f:\windows\system32\nvvsvc.exe
f:\windows\system32\taskhost.exe
f:\windows\system32\conhost.exe
f:\windows\system32\conhost.exe
f:\program files\NVIDIA Corporation\Display\nvtray.exe
f:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-02-07 18:58:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-07 17:58
ComboFix2.txt 2015-02-04 23:22
ComboFix3.txt 2014-10-27 13:33
.
Před spuštěním: Volných bajtů: 324 559 101 952
Po spuštění: Volných bajtů: 324 401 901 568
.
- - End Of File - - 0E01B40675903B6D1B23E77CC51A3548
A36C5E4F47E84449FF07ED3517B43A31
- Yelkinson
Re: please check my log, thanks
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:47, on 7.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
F:\Windows\system32\taskhost.exe
F:\Windows\system32\Dwm.exe
F:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
F:\Program Files\NVIDIA Corporation\Display\nvtray.exe
F:\Windows\Explorer.exe
F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] "F:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-21-4180440179-413253161-2612144775-1001\..\Run: [CCleaner Monitoring] "F:\Program Files\CCleaner\CCleaner.exe" /MONITOR (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - F:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - F:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: DokanMounter - Unknown owner - F:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - F:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - F:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 3209 bytes
- Yelkinson
- Level 3
- Posts: 582
- Registered: November 07
- Location: Plzen
- Status: Offline
Re: please check my log, thanks
SystemLook 30.07.11 by jpshortstuff
Log created at 19:06 on 07/02/2015 by xXx
Administrator - Elevation successful
========== filefind ==========
Searching for "assistantsvc.dll.*"
No files found.
-= EOF =-