Zdravím,
nelze otevřít některé adresáře, programy. Nelze spustit aktualizaci Windows a některé další programy jako defragmentace disku a pod.
Děkuji za pomoc.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:56:23, on 28.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5HUHAXDA\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8615 bytes
Prosím o kontrolu logu - nelze otevřít programy, adresáře...
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
# AdwCleaner v4.111 - Logfile created 28/02/2015 at 19:23:35
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : sbmntr
***** [ Files / Folders ] *****
File Found : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\searchplugins\Askcom.xml
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Uniblue\DriverScanner
Folder Found : C:\Users\admin\AppData\Local\GetnowUninstall
Folder Found : C:\Users\admin\AppData\Local\GetNowUpdater
Folder Found : C:\Users\admin\AppData\Local\globalUpdate
Folder Found : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\admin\AppData\LocalLow\Object Browser
Folder Found : C:\Users\admin\AppData\LocalLow\Sense
Folder Found : C:\Users\admin\AppData\Roaming\DownLite
Folder Found : C:\Users\admin\AppData\Roaming\GetNowUpdater
Folder Found : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\toolbar@ask.com
Folder Found : C:\Users\admin\AppData\Roaming\Systweak
Folder Found : C:\Users\admin\Documents\smart pc cleaner
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Scheduled tasks ] *****
Task Found : Scheduled Update for Ask Toolbar
Task Found : ShopperPro
Task Found : ShopperProJSUpd
Task Found : SMupdate1
Task Found : SPDriver
Task Found : YTDownloader
Task Found : YTDownloaderUpd
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKCU\Software\AppDataLow\Software\Sense
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\DownLite
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\ShopperPro
Key Found : HKCU\Software\smarttweak
Key Found : HKCU\Software\YTDownloader
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\DownLite
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Found : [x64] HKCU\Software\ShopperPro
Key Found : [x64] HKCU\Software\smarttweak
Key Found : [x64] HKCU\Software\YTDownloader
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\YTDownloader
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\ShopperPro
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.search.defaultengine", "Ask.com");
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.search.order.1", "Ask.com");
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.startup.homepage", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131[...]
[46novs8z.default-1349725026440] - Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
[46novs8z.default-1349725026440] - Line Found : user_pref("keyword.URL", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131110_CZ_ff_ab_[...]
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [14768 bytes] - [28/02/2015 19:23:35]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14828 bytes] ##########
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : sbmntr
***** [ Files / Folders ] *****
File Found : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\searchplugins\Askcom.xml
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Uniblue\DriverScanner
Folder Found : C:\Users\admin\AppData\Local\GetnowUninstall
Folder Found : C:\Users\admin\AppData\Local\GetNowUpdater
Folder Found : C:\Users\admin\AppData\Local\globalUpdate
Folder Found : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\admin\AppData\LocalLow\Object Browser
Folder Found : C:\Users\admin\AppData\LocalLow\Sense
Folder Found : C:\Users\admin\AppData\Roaming\DownLite
Folder Found : C:\Users\admin\AppData\Roaming\GetNowUpdater
Folder Found : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\toolbar@ask.com
Folder Found : C:\Users\admin\AppData\Roaming\Systweak
Folder Found : C:\Users\admin\Documents\smart pc cleaner
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Scheduled tasks ] *****
Task Found : Scheduled Update for Ask Toolbar
Task Found : ShopperPro
Task Found : ShopperProJSUpd
Task Found : SMupdate1
Task Found : SPDriver
Task Found : YTDownloader
Task Found : YTDownloaderUpd
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKCU\Software\AppDataLow\Software\Sense
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\DownLite
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKCU\Software\ShopperPro
Key Found : HKCU\Software\smarttweak
Key Found : HKCU\Software\YTDownloader
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\DownLite
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Found : [x64] HKCU\Software\ShopperPro
Key Found : [x64] HKCU\Software\smarttweak
Key Found : [x64] HKCU\Software\YTDownloader
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\YTDownloader
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\ShopperPro
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.search.defaultengine", "Ask.com");
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.search.order.1", "Ask.com");
[46novs8z.default-1349725026440] - Line Found : user_pref("browser.startup.homepage", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131[...]
[46novs8z.default-1349725026440] - Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
[46novs8z.default-1349725026440] - Line Found : user_pref("keyword.URL", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131110_CZ_ff_ab_[...]
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [14768 bytes] - [28/02/2015 19:23:35]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14828 bytes] ##########
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 28.2.2015
Čas skenování: 19:38:06
Protokol:
Správce: Ano
Verze: 2.00.4.1028
Databáze malwaru: v2015.02.28.05
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: admin
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 342345
Uplynulý čas: 10 min, 15 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
www.malwarebytes.org
Datum skenování: 28.2.2015
Čas skenování: 19:38:06
Protokol:
Správce: Ano
Verze: 2.00.4.1028
Databáze malwaru: v2015.02.28.05
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: admin
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 342345
Uplynulý čas: 10 min, 15 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
====================================================
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
====================================================
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Láska hřeje, ale uhlí je uhlí.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
# AdwCleaner v4.111 - Logfile created 28/02/2015 at 20:16:47
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : sbmntr
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SpeedItup Free
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\admin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\admin\AppData\Local\GetnowUninstall
Folder Deleted : C:\Users\admin\AppData\Local\GetNowUpdater
Folder Deleted : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\admin\AppData\LocalLow\Object Browser
Folder Deleted : C:\Users\admin\AppData\LocalLow\Sense
Folder Deleted : C:\Users\admin\AppData\Roaming\DownLite
Folder Deleted : C:\Users\admin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\admin\AppData\Roaming\GetNowUpdater
Folder Deleted : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\admin\Documents\smart pc cleaner
Folder Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\searchplugins\Askcom.xml
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
***** [ Scheduled tasks ] *****
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : YTDownloaderUpd
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\admin\Desktop\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\DownLite
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131[...]
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131110_CZ_ff_ab_[...]
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [15072 bytes] - [28/02/2015 19:23:35]
AdwCleaner[R1].txt - [15145 bytes] - [28/02/2015 20:14:51]
AdwCleaner[S0].txt - [15134 bytes] - [28/02/2015 20:16:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15194 bytes] ##########
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : sbmntr
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SpeedItup Free
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\admin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\admin\AppData\Local\GetnowUninstall
Folder Deleted : C:\Users\admin\AppData\Local\GetNowUpdater
Folder Deleted : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\admin\AppData\LocalLow\Object Browser
Folder Deleted : C:\Users\admin\AppData\LocalLow\Sense
Folder Deleted : C:\Users\admin\AppData\Roaming\DownLite
Folder Deleted : C:\Users\admin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\admin\AppData\Roaming\GetNowUpdater
Folder Deleted : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\admin\Documents\smart pc cleaner
Folder Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\searchplugins\Askcom.xml
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
***** [ Scheduled tasks ] *****
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : YTDownloaderUpd
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\admin\Desktop\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B96B6CD-4D78-4AC3-90ED-C80603B4823B}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\DownLite
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131[...]
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[46novs8z.default-1349725026440\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.amazon.com/websearch/ref=bit_bds-p12_serp_ff_us_display?ie=UTF8&tagbase=bds-p12&tbrId=v1_abb-channel-12_73d81ac658a14300b3dfad1bfc8ab0e3_39_1006_20131110_CZ_ff_ab_[...]
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [15072 bytes] - [28/02/2015 19:23:35]
AdwCleaner[R1].txt - [15145 bytes] - [28/02/2015 20:14:51]
AdwCleaner[S0].txt - [15134 bytes] - [28/02/2015 20:16:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15194 bytes] ##########
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x64
Ran by admin on so 28.02.2015 at 20:25:45,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update ttessab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util ttessab
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67315C8A-0BDF-47C7-9E93-9A868EB22980}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\admin\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Program Files (x86)\software informer"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 28.02.2015 at 20:27:58,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x64
Ran by admin on so 28.02.2015 at 20:25:45,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update ttessab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util ttessab
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67315C8A-0BDF-47C7-9E93-9A868EB22980}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\admin\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Program Files (x86)\software informer"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 28.02.2015 at 20:27:58,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
RogueKiller V10.4.3.0 (x64) [Feb 23 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : admin [Práva správce]
Mód : Prohledat -- Datum : 02/28/2015 20:35:34
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> Nalezeno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x3cae2c0
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : The Amazon 1Button App for Firefox [abb@amazon.com] -> Nalezeno
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : [toolbar@ask.com] -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ba824f4464f395ca7acb7975e191ecd3
[BSP] 37d2ab2282d7fa38e967a6595c6a0a01 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : admin [Práva správce]
Mód : Prohledat -- Datum : 02/28/2015 20:35:34
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> Nalezeno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x3cae2c0
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : The Amazon 1Button App for Firefox [abb@amazon.com] -> Nalezeno
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : [toolbar@ask.com] -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ba824f4464f395ca7acb7975e191ecd3
[BSP] 37d2ab2282d7fa38e967a6595c6a0a01 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Vlož nový log z HJT + informuj o problémech.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Vypni antivir
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts; klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.
Vlož nový log z HJT + informuj o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
RogueKiller V10.4.3.0 (x64) [Feb 23 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : admin [Práva správce]
Mód : Smazat -- Datum : 03/01/2015 10:51:06
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO -> Smazáno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x3cae2c0
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : The Amazon 1Button App for Firefox [abb@amazon.com] -> Smazáno
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : [toolbar@ask.com] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ba824f4464f395ca7acb7975e191ecd3
[BSP] 37d2ab2282d7fa38e967a6595c6a0a01 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_02282015_203534.log - RKreport_SCN_03012015_104958.log
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : admin [Práva správce]
Mód : Smazat -- Datum : 03/01/2015 10:51:06
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO -> Smazáno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D9E91F23-8BA2-4549-B37C-12E6037A87E4} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Nahrazeno ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> Smazáno
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3cae2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x3cae2c0
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : The Amazon 1Button App for Firefox [abb@amazon.com] -> Smazáno
[PUP][FIREFX:Addon] 46novs8z.default-1349725026440 : [toolbar@ask.com] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ba824f4464f395ca7acb7975e191ecd3
[BSP] 37d2ab2282d7fa38e967a6595c6a0a01 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_02282015_203534.log - RKreport_SCN_03012015_104958.log
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Zoek.exe v5.0.0.0 Updated 01-March-2015
Tool run by admin on ne 01.03.2015 at 10:56:15,46.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\admin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1.3.2015 10:57:00 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\admin\AppData\Roaming\DAEMON Tools Pro deleted successfully
C:\Users\admin\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\admin\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\admin\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{101116F6-5F2-488D-8A6B-63ADB470292A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{157EDFC9-4075-4ED6-9BF9-1387DE5D65A7} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16d1b52d-0870-454e-8522-b95193b4eea1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1717FCFD-BEAA-4757-8C41-8A6E7E229AB} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C12D32B-FBD4-462A-8DD4-C3567BF3CE7} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FBEC7FF-CE68-478C-B4DC-90B61CB6C0D6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20E88BAA-D0D8-42DC-B967-D73CF3ACB22} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2643E18B-4E79-4744-8778-5C7F9A2D74} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2895E133-6DF9-4220-8C6F-84DB7CFF228} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{293C9AC0-512-4292-8339-71594D7F92F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a2bc8b3-1341-4f39-b394-7a4c76e50c97} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C8EDB18-D821-4BD1-915B-17E699AFC43F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F728C33-9F4A-4C9F-BF6F-17B591818D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{355DCA27-C20B-43D3-B6F7-D7B242B084FD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{397FFD92-A96A-49F4-A7D4-F3126D80B4B1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E8E351C-9AFB-4F05-8746-A9A99A92F4D5} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E96BF37-4DE7-4AF3-AF27-DC269363BC1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FD4A3BF-ECF3-46B1-8C59-F04176ED8454} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{454506A7-7B1C-4C29-A524-EBBBC85C337B} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E176CB-1444-449F-83DE-16C91EC95F19} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48515E81-DEE6-4D0A-9BE1-9E1D7EE2B4E} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E83FF6D-2F56-45CB-B1A5-CB7066ED628} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52C11E0D-D65C-42FC-AAAC-2AB847E47DB8} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55e657e9-5f00-46d7-a81c-87af1d447e43} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59D5A170-9B20-44A6-91B1-6AAEED2AE14} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CF6257E-2305-4981-8A13-96DC1EF173} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EA8F59C-2286-4C6A-B4AE-5F1D77CCFFE} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634950A3-E2F2-43AE-8BAB-887CAA99ED73} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{653057F1-D9FF-4390-B8D4-9E9AAE66B7F1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66211267-F1DA-4230-B3BE-61B2C6ACF0FD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{669AE95B-F417-4505-A389-8C38CDDE175} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68D1E278-60CB-4FD7-ADE9-1AD8A341E88C} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C52F176-76B0-4A43-B1DD-E186FE2E9A9} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DB33189-59AF-4577-B64A-FCB2C0A3139D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EF87496-E1A1-4E78-8C20-235AEFC4971D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F61BC0E-3ED2-4E7D-9C75-D7E6CBC24D3} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77B0A067-EAFB-4F4C-BC16-857B7738A24A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7c572fbd-740d-4dbe-bfd3-79d16f420533} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81091348-8269-47C8-9A1F-95DE392721F6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{869FE4FD-2178-46FE-892-A66FDBFF5532} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88132F32-45D7-4782-BA8C-A6251D1B27D6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8855E58F-32D8-418F-ABD6-7E913B1393C5} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ACA7175-D0F5-4008-84F8-EFBA38C0575} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e8e892b-fe76-4a04-9147-5ef3927b7414} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9097DF17-7E5C-481D-8B31-6E708A20DEF0} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96c10fd4-a9dd-4ae9-bf7b-756185e51cdf} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97C6301A-F86-463D-8940-705EE06AE65A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98f5cb16-e8ff-4c6d-871e-58ac3062a598} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c880294-e1e3-4dd0-be77-73477aa9de41} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DC591A0-8425-482C-9F72-6FD36EDABA79} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1DA20CE-243C-44A0-9C60-1F1A68595593} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2A6458E-ED8F-4E74-9DA1-CE132F85CD97} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4d8b196-4241-4e4d-9062-2952037f06a3} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5529F5A-70A7-493D-9C92-E0B157EDD31D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5A94CCB-C2EA-4101-BAA5-A7535561BE47} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A60DF7CC-8C3F-4134-9642-5A889F660DC} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A68202F6-94FD-41DC-8785-9F8EE97DA1B4} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC8C69A-99B4-4750-BA22-5752DA371FE6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE2B1487-2A83-437A-9FDB-E3A5ABF8A2BD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B18EDD5D-971B-4796-9D9B-7F47B9EAF42C} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B190A348-CD15-4B1E-B3A2-6925D2D724} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43979ED-76A4-4664-B7DE-711488FA9C8D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b483568d-e196-40cb-8af6-a9f5dcc800b0} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6F10BE5-9A18-4D91-94F1-DD1F496DC859} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7C4048F-9B69-4471-AC5A-A0EE2C12EC4} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C14810E4-D9CA-46CF-869-CC15D5D63D9} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C32209B7-273B-4C2B-AF73-D07193471688} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C332DBA6-21C3-4EB0-A4E-E8BF6C3F46C6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb8c17dc-de10-4306-8e03-dddcf34eff6b} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBDD3793-5B00-45D1-89BD-86E48A741C79} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD69BB20-FDCB-40D4-905E-708CD22081BF} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D75FAC13-1937-4539-8ED0-46F234643D1D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97D896A-17DA-4034-B142-75D08E7E5A14} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF0ABAF-3C-41DD-903F-9BF7BD8846D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC21146-64A3-4E6B-BDDB-B3E123DF972F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDDB33A5-B40A-42AE-B5F4-B92EE8CAC687} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFABDD57-8248-48F2-989E-46D6DB71A037} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e48fe0d6-9902-4213-8253-2dce7916e3cc} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E584F579-F1E-48A6-89F7-1BE6DF77D22} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E90FD73C-4D71-44DC-9ADA-362B95DE9D2} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED1B1C6D-D3C2-4907-872B-943894866978} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f123e00f-36fa-4afb-81c0-b9636b4fcd33} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F12C4260-D11E-405C-8A7B-B49894308E68} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAFFDC72-8E4A-4997-AFE5-7DC6BBC9E78} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD838CB7-D2DF-4E31-9012-BA4CC2CA5C8A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fe384e20-bfb9-4cf0-94c2-7d69cc6d6dd4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16d1b52d-0870-454e-8522-b95193b4eea1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a2bc8b3-1341-4f39-b394-7a4c76e50c97} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55e657e9-5f00-46d7-a81c-87af1d447e43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7c572fbd-740d-4dbe-bfd3-79d16f420533} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e8e892b-fe76-4a04-9147-5ef3927b7414} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96c10fd4-a9dd-4ae9-bf7b-756185e51cdf} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98f5cb16-e8ff-4c6d-871e-58ac3062a598} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c880294-e1e3-4dd0-be77-73477aa9de41} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4d8b196-4241-4e4d-9062-2952037f06a3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b483568d-e196-40cb-8af6-a9f5dcc800b0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb8c17dc-de10-4306-8e03-dddcf34eff6b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e48fe0d6-9902-4213-8253-2dce7916e3cc} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f123e00f-36fa-4afb-81c0-b9636b4fcd33} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fe384e20-bfb9-4cf0-94c2-7d69cc6d6dd4} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\prefs.js:
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\prefs.js:
ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.03.2015_1106_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Malwarebytes' Anti-Malware not found
C:\PROGRA~2\AGEIA Technologies deleted
C:\PROGRA~2\Free Download Manager deleted
C:\Users\admin\.android deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Odinstalovat produkt.exe deleted
C:\found.000 deleted
C:\PROGRA~3\spds90.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\Public\CCcleaner-2.26.exe deleted
C:\Users\Public\AlexaNSISPlugin.1060.dll deleted
C:\Users\Public\AlexaNSISPlugin.5036.dll deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\Users\admin\AppData\Roaming\Ambient" deleted
"C:\Users\admin\AppData\Roaming\Analog Mono" deleted
"C:\Users\admin\AppData\Roaming\Analog Pad" deleted
"C:\Users\admin\AppData\Roaming\Authentication" deleted
"C:\Users\admin\AppData\Roaming\DirectoryService" deleted
"C:\ProgramData\Analog Sync" deleted
"C:\ProgramData\Animals" deleted
"C:\ProgramData\Applause and Laugher" deleted
"C:\ProgramData\Basic Synth" deleted
"C:\ProgramData\grep" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)
Seznam Lištička - Email - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Ttessab - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnodfmacmakcfggameblghiagfbpokic
Seznam Lištička - Rychlá volba - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Chromium Fix ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnodfmacmakcfggameblghiagfbpokic deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnodfmacmakcfggameblghiagfbpokic_0.localstorage deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnodfmacmakcfggameblghiagfbpokic_0.localstorage-journal deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnodfmacmakcfggameblghiagfbpokic deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{07196244-E3DE-4EEA-B586-09374B43B647} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{0D696E4B-3701-4CC4-B4E3-2F2275839FE6} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415"
{17AB7B50-F18D-4038-9C57-DB4D21451D88} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415"
{1DDB2CDF-316F-41D9-8B5F-929073BE0625} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{4436F1BA-CA07-4583-94C5-8651BBC9A8A1} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415"
{74737489-5851-418F-BE88-B90100E5235B} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415"
{9ADB6E6E-D239-4279-BFA9-E8AC99E3EB97} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415"
{DB3DA972-D305-4264-868B-E0E6ACA09B37} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415"
{FCF72A00-448E-4E7C-A2F2-C8A78C5E6A1C} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz="
==== Reset Google Chrome ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\GetNowUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=80 folders=41 22427554 bytes)
==== Empty Temp Folders ======================
C:\Users\admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\admin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== EOF on ne 01.03.2015 at 11:20:44,90 ======================
Tool run by admin on ne 01.03.2015 at 10:56:15,46.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\admin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1.3.2015 10:57:00 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\admin\AppData\Roaming\DAEMON Tools Pro deleted successfully
C:\Users\admin\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\admin\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\admin\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{101116F6-5F2-488D-8A6B-63ADB470292A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{157EDFC9-4075-4ED6-9BF9-1387DE5D65A7} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16d1b52d-0870-454e-8522-b95193b4eea1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1717FCFD-BEAA-4757-8C41-8A6E7E229AB} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C12D32B-FBD4-462A-8DD4-C3567BF3CE7} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FBEC7FF-CE68-478C-B4DC-90B61CB6C0D6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20E88BAA-D0D8-42DC-B967-D73CF3ACB22} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2643E18B-4E79-4744-8778-5C7F9A2D74} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2895E133-6DF9-4220-8C6F-84DB7CFF228} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{293C9AC0-512-4292-8339-71594D7F92F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a2bc8b3-1341-4f39-b394-7a4c76e50c97} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C8EDB18-D821-4BD1-915B-17E699AFC43F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F728C33-9F4A-4C9F-BF6F-17B591818D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{355DCA27-C20B-43D3-B6F7-D7B242B084FD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{397FFD92-A96A-49F4-A7D4-F3126D80B4B1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E8E351C-9AFB-4F05-8746-A9A99A92F4D5} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E96BF37-4DE7-4AF3-AF27-DC269363BC1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FD4A3BF-ECF3-46B1-8C59-F04176ED8454} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{454506A7-7B1C-4C29-A524-EBBBC85C337B} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E176CB-1444-449F-83DE-16C91EC95F19} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48515E81-DEE6-4D0A-9BE1-9E1D7EE2B4E} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E83FF6D-2F56-45CB-B1A5-CB7066ED628} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52C11E0D-D65C-42FC-AAAC-2AB847E47DB8} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55e657e9-5f00-46d7-a81c-87af1d447e43} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59D5A170-9B20-44A6-91B1-6AAEED2AE14} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CF6257E-2305-4981-8A13-96DC1EF173} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EA8F59C-2286-4C6A-B4AE-5F1D77CCFFE} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634950A3-E2F2-43AE-8BAB-887CAA99ED73} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{653057F1-D9FF-4390-B8D4-9E9AAE66B7F1} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66211267-F1DA-4230-B3BE-61B2C6ACF0FD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{669AE95B-F417-4505-A389-8C38CDDE175} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68D1E278-60CB-4FD7-ADE9-1AD8A341E88C} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C52F176-76B0-4A43-B1DD-E186FE2E9A9} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DB33189-59AF-4577-B64A-FCB2C0A3139D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EF87496-E1A1-4E78-8C20-235AEFC4971D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F61BC0E-3ED2-4E7D-9C75-D7E6CBC24D3} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77B0A067-EAFB-4F4C-BC16-857B7738A24A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7c572fbd-740d-4dbe-bfd3-79d16f420533} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81091348-8269-47C8-9A1F-95DE392721F6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{869FE4FD-2178-46FE-892-A66FDBFF5532} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88132F32-45D7-4782-BA8C-A6251D1B27D6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8855E58F-32D8-418F-ABD6-7E913B1393C5} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ACA7175-D0F5-4008-84F8-EFBA38C0575} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e8e892b-fe76-4a04-9147-5ef3927b7414} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9097DF17-7E5C-481D-8B31-6E708A20DEF0} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96c10fd4-a9dd-4ae9-bf7b-756185e51cdf} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97C6301A-F86-463D-8940-705EE06AE65A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98f5cb16-e8ff-4c6d-871e-58ac3062a598} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c880294-e1e3-4dd0-be77-73477aa9de41} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DC591A0-8425-482C-9F72-6FD36EDABA79} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1DA20CE-243C-44A0-9C60-1F1A68595593} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2A6458E-ED8F-4E74-9DA1-CE132F85CD97} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4d8b196-4241-4e4d-9062-2952037f06a3} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5529F5A-70A7-493D-9C92-E0B157EDD31D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5A94CCB-C2EA-4101-BAA5-A7535561BE47} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A60DF7CC-8C3F-4134-9642-5A889F660DC} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A68202F6-94FD-41DC-8785-9F8EE97DA1B4} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC8C69A-99B4-4750-BA22-5752DA371FE6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE2B1487-2A83-437A-9FDB-E3A5ABF8A2BD} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B18EDD5D-971B-4796-9D9B-7F47B9EAF42C} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B190A348-CD15-4B1E-B3A2-6925D2D724} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43979ED-76A4-4664-B7DE-711488FA9C8D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b483568d-e196-40cb-8af6-a9f5dcc800b0} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6F10BE5-9A18-4D91-94F1-DD1F496DC859} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7C4048F-9B69-4471-AC5A-A0EE2C12EC4} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C14810E4-D9CA-46CF-869-CC15D5D63D9} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C32209B7-273B-4C2B-AF73-D07193471688} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C332DBA6-21C3-4EB0-A4E-E8BF6C3F46C6} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb8c17dc-de10-4306-8e03-dddcf34eff6b} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBDD3793-5B00-45D1-89BD-86E48A741C79} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD69BB20-FDCB-40D4-905E-708CD22081BF} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D75FAC13-1937-4539-8ED0-46F234643D1D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97D896A-17DA-4034-B142-75D08E7E5A14} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF0ABAF-3C-41DD-903F-9BF7BD8846D} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC21146-64A3-4E6B-BDDB-B3E123DF972F} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDDB33A5-B40A-42AE-B5F4-B92EE8CAC687} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFABDD57-8248-48F2-989E-46D6DB71A037} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e48fe0d6-9902-4213-8253-2dce7916e3cc} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E584F579-F1E-48A6-89F7-1BE6DF77D22} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E90FD73C-4D71-44DC-9ADA-362B95DE9D2} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED1B1C6D-D3C2-4907-872B-943894866978} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f123e00f-36fa-4afb-81c0-b9636b4fcd33} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F12C4260-D11E-405C-8A7B-B49894308E68} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAFFDC72-8E4A-4997-AFE5-7DC6BBC9E78} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD838CB7-D2DF-4E31-9012-BA4CC2CA5C8A} deleted successfully
HKEY_USERS\S-1-5-21-3106253132-3128010108-230500583-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fe384e20-bfb9-4cf0-94c2-7d69cc6d6dd4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16d1b52d-0870-454e-8522-b95193b4eea1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a2bc8b3-1341-4f39-b394-7a4c76e50c97} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55e657e9-5f00-46d7-a81c-87af1d447e43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7c572fbd-740d-4dbe-bfd3-79d16f420533} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e8e892b-fe76-4a04-9147-5ef3927b7414} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96c10fd4-a9dd-4ae9-bf7b-756185e51cdf} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98f5cb16-e8ff-4c6d-871e-58ac3062a598} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c880294-e1e3-4dd0-be77-73477aa9de41} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4d8b196-4241-4e4d-9062-2952037f06a3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b483568d-e196-40cb-8af6-a9f5dcc800b0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb8c17dc-de10-4306-8e03-dddcf34eff6b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e48fe0d6-9902-4213-8253-2dce7916e3cc} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f123e00f-36fa-4afb-81c0-b9636b4fcd33} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fe384e20-bfb9-4cf0-94c2-7d69cc6d6dd4} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\prefs.js:
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440\prefs.js:
ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\46novs8z.default-1349725026440
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.03.2015_1106_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Malwarebytes' Anti-Malware not found
C:\PROGRA~2\AGEIA Technologies deleted
C:\PROGRA~2\Free Download Manager deleted
C:\Users\admin\.android deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Odinstalovat produkt.exe deleted
C:\found.000 deleted
C:\PROGRA~3\spds90.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\Public\CCcleaner-2.26.exe deleted
C:\Users\Public\AlexaNSISPlugin.1060.dll deleted
C:\Users\Public\AlexaNSISPlugin.5036.dll deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\Users\admin\AppData\Roaming\Ambient" deleted
"C:\Users\admin\AppData\Roaming\Analog Mono" deleted
"C:\Users\admin\AppData\Roaming\Analog Pad" deleted
"C:\Users\admin\AppData\Roaming\Authentication" deleted
"C:\Users\admin\AppData\Roaming\DirectoryService" deleted
"C:\ProgramData\Analog Sync" deleted
"C:\ProgramData\Animals" deleted
"C:\ProgramData\Applause and Laugher" deleted
"C:\ProgramData\Basic Synth" deleted
"C:\ProgramData\grep" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)
Seznam Lištička - Email - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Ttessab - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnodfmacmakcfggameblghiagfbpokic
Seznam Lištička - Rychlá volba - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Chromium Fix ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnodfmacmakcfggameblghiagfbpokic deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnodfmacmakcfggameblghiagfbpokic_0.localstorage deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnodfmacmakcfggameblghiagfbpokic_0.localstorage-journal deleted successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnodfmacmakcfggameblghiagfbpokic deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{07196244-E3DE-4EEA-B586-09374B43B647} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{0D696E4B-3701-4CC4-B4E3-2F2275839FE6} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415"
{17AB7B50-F18D-4038-9C57-DB4D21451D88} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415"
{1DDB2CDF-316F-41D9-8B5F-929073BE0625} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{4436F1BA-CA07-4583-94C5-8651BBC9A8A1} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415"
{74737489-5851-418F-BE88-B90100E5235B} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415"
{9ADB6E6E-D239-4279-BFA9-E8AC99E3EB97} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415"
{DB3DA972-D305-4264-868B-E0E6ACA09B37} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415"
{FCF72A00-448E-4E7C-A2F2-C8A78C5E6A1C} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz="
==== Reset Google Chrome ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\GetNowUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=80 folders=41 22427554 bytes)
==== Empty Temp Folders ======================
C:\Users\admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\admin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== EOF on ne 01.03.2015 at 11:20:44,90 ======================
Re: Prosím o kontrolu logu - nelze otevřít programy, adresář
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:39, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Users\admin\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7891 bytes
Scan saved at 11:28:39, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Users\admin\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7891 bytes
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 53 hostů