Rising Antivirus Vyřešeno

[bobsch2]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.7.2015
Čas skenování: 13:11
Protokol: fgfgfggfgfggf.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.11.02
Databáze rootkitů: v2015.07.10.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Admin

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 493311
Uplynulý čas: 29 min, 0 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Reklama]

[bobsch2]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.2 (07.10.2015:3)
OS: Windows 7 Enterprise x64
Ran by Admin on so 11.07.2015 at 13:48:29,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] Update eye perform [Reboot required]
Successfully deleted: [Service] Util eye perform [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\0
Successfully deleted: [Task] C:\Windows\system32\tasks\Uninstaller_SkipUac_Admin



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apphide
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ qqpctray



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update eye perform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Kozaka
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util eye perform



~~~ Files

Successfully deleted: [File] C:\ProgramData\mntemp
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_balimbofoedmklhpnchbgmlfipgpbjnl_0.localstorage
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_balimbofoedmklhpnchbgmlfipgpbjnl_0.localstorage-journal
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage
Successfully deleted: [File] C:\Users\Admin\appdata\local\google\chrome\user data\default\local storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal



~~~ Folders

Failed to delete: [Folder] C:\Users\Admin\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\ProgramData\summersoft
Successfully deleted: [Folder] C:\Users\Admin\appdata\local\installer
Successfully deleted: [Folder] C:\Users\Admin\appdata\local\sysassistbyhotwheel
Successfully deleted: [Folder] C:\Users\Admin\AppData\Roaming\dll-files.com
Successfully deleted: [Folder] C:\Users\Admin\AppData\Roaming\ppslog
Successfully deleted: [Folder] C:\Users\Admin\documents\add-in express



~~~ FireFox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@iqiyi.com/npwebplayer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@qq.com/npandroidassistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@qq.com/qqpcmgr
Successfully deleted the following from C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\zfecvo39.default\prefs.js

user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, sien);
user_pref(browser.search.searchengine.uid, SAMSUNGXHD103SI_S1VSJDWZ301792);



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Successfully deleted: [Folder] C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Successfully deleted: [Folder] C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

[C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
bgjpfhpjcgdppjbgnpnjllokbmcdllig
blmojkbhnkkphngknkmgccmlenfaelkd
olfeabkoenfaoljndfecamgilllcpiak

[C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Admin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
bgjpfhpjcgdppjbgnpnjllokbmcdllig,
blmojkbhnkkphngknkmgccmlenfaelkd,
olfeabkoenfaoljndfecamgilllcpiak
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 11.07.2015 at 13:54:14,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[bobsch2]

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Opera?ní systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spu?t?no : Normální re?im
U?ivatel : Admin [Práva správce]
Started from : C:\Users\Admin\Desktop\Správa PC\RogueKillerX64.exe
Mód : Prohledat -- Datum : 07/11/2015 14:22:05

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)]) -> Nalezeno

¤¤¤ Úlohy : 6 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\CuriousReader.job -- c:\programdata\{db0cb12e-c346-1636-db0c-cb12ec34c4bb}\sevensetup.exe (--startup=1 --single) -> Nalezeno
[Suspicious.Path] %WINDIR%\Tasks\D9lVOK7PoavtV96.job -- C:\Users\Admin\AppData\Roaming\D9lVOK7PoavtV96.exe (--c=HfRqjav7vuc+rqoxtJsDkzWYhQTBiehdcPJkvdKJeV/wUiVetPQ9RlKyMjxKC+jLLDdl0pglhZ0jAPgKihN41g++LVUqQ7QqAq5rNW2H146oP/R3CV91/ozNKnf/pzPBm8IZj1GP/T95pUs8kLvx9/+Sz716Hc0mvPUJwkpbeQZOYARhYQ8NHK8h8D+obT+46uCqqd4eppBTMpsa4KJ3fhAFrgVCWm6dNigC5qbvGbW2FuPhhGB2Equtg2+ze0vEgX24hq3ZXRzYoTxKUWw+jEdPjC+Bbyn3UA77Ul8gWCH/aYJwSdkW77TTFuuK6nwRQ/R/RNKyoaVOdhXMB2oW2A==) -> Nalezeno
[Suspicious.Path] %WINDIR%\Tasks\dUkLGUjDGJqaY51PWq6RiU.job -- C:\Users\Admin\AppData\Roaming\dUkLGUjDGJqaY51PWq6RiU.exe (--c=ZonHlfIE7p4euGuLhoWA64oIk7iX4Iho0SK2oBmzGKw9OehnEZPCYfvTNJfvK1Jq7FHi7aw2AJwWzTrW0LrK0/tanOBZtULk5ZxnUtb5MLzmaediMQ9B7MIzF+1xVV18qI5+wPRhm9GSLTMy/Vdek4bw6+la8JLH5ZLWbIsLVBFy5isumt3zANGPEb4WxTO0Hq5CwaitQ3eu6Twm0frEppAg3OVHbkvo1h1+phGVE3iSWMtonsA1jFHemvbZhsPwKAoS5O26fDya/zzb6wfjPyWybN7aWf/K112tnFvCsSeuggbR2vYYGX0WrllK6xPkJCA1ls9G5wcgMtBsBxlDIQ==) -> Nalezeno
[Suspicious.Path] %WINDIR%\Tasks\OfficeTools.job -- c:\programdata\{5d344dce-0bd0-272e-5d34-44dce0bd3738}\sevensetup.exe (--startup=1 --single) -> Nalezeno
[Suspicious.Path] \GoogleUpdateTaskUserS-1-5-21-1970835742GUI -- C:\Users\Admin\AppData\Roaming\ArcSoft\googleupd.exe -> Nalezeno
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Nalezeno

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vý?ezy obrazovky a spu?t?ní aplikace OneNote 2010.lnk -> Nalezeno

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418cde9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0x418cde9600000000

¤¤¤ Webové prohlí?e?e : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SI ATA Device +++++
--- User ---
[MBR] 13fa379bd7632cdd54e637eb18893955
[BSP] 40058e6b77cbc02e89872bb10cead5e9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([1] Nesprávná funkce. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

[Orcus]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

[bobsch2]

RogueKiller V10.9.1.0 (x64) [Jul 9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Opera?ní systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spu?t?no : Normální re?im
U?ivatel : Admin [Práva správce]
Started from : C:\Users\Admin\Desktop\Správa PC\RogueKillerX64.exe
Mód : Smazat -- Datum : 07/11/2015 21:04:52

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{718F08A7-6A6D-4B81-873F-8BB9197B3E44} | DhcpNameServer : ([(Private Address) (XX)]) -> Nahrazeno ()

¤¤¤ Úlohy : 6 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\CuriousReader.job -- c:\programdata\{db0cb12e-c346-1636-db0c-cb12ec34c4bb}\sevensetup.exe (--startup=1 --single) -> ERROR [0]
[Suspicious.Path] %WINDIR%\Tasks\D9lVOK7PoavtV96.job -- C:\Users\Admin\AppData\Roaming\D9lVOK7PoavtV96.exe (--c=HfRqjav7vuc+rqoxtJsDkzWYhQTBiehdcPJkvdKJeV/wUiVetPQ9RlKyMjxKC+jLLDdl0pglhZ0jAPgKihN41g++LVUqQ7QqAq5rNW2H146oP/R3CV91/ozNKnf/pzPBm8IZj1GP/T95pUs8kLvx9/+Sz716Hc0mvPUJwkpbeQZOYARhYQ8NHK8h8D+obT+46uCqqd4eppBTMpsa4KJ3fhAFrgVCWm6dNigC5qbvGbW2FuPhhGB2Equtg2+ze0vEgX24hq3ZXRzYoTxKUWw+jEdPjC+Bbyn3UA77Ul8gWCH/aYJwSdkW77TTFuuK6nwRQ/R/RNKyoaVOdhXMB2oW2A==) -> ERROR [0]
[Suspicious.Path] %WINDIR%\Tasks\dUkLGUjDGJqaY51PWq6RiU.job -- C:\Users\Admin\AppData\Roaming\dUkLGUjDGJqaY51PWq6RiU.exe (--c=ZonHlfIE7p4euGuLhoWA64oIk7iX4Iho0SK2oBmzGKw9OehnEZPCYfvTNJfvK1Jq7FHi7aw2AJwWzTrW0LrK0/tanOBZtULk5ZxnUtb5MLzmaediMQ9B7MIzF+1xVV18qI5+wPRhm9GSLTMy/Vdek4bw6+la8JLH5ZLWbIsLVBFy5isumt3zANGPEb4WxTO0Hq5CwaitQ3eu6Twm0frEppAg3OVHbkvo1h1+phGVE3iSWMtonsA1jFHemvbZhsPwKAoS5O26fDya/zzb6wfjPyWybN7aWf/K112tnFvCsSeuggbR2vYYGX0WrllK6xPkJCA1ls9G5wcgMtBsBxlDIQ==) -> ERROR [0]
[Suspicious.Path] %WINDIR%\Tasks\OfficeTools.job -- c:\programdata\{5d344dce-0bd0-272e-5d34-44dce0bd3738}\sevensetup.exe (--startup=1 --single) -> ERROR [0]
[Suspicious.Path] \GoogleUpdateTaskUserS-1-5-21-1970835742GUI -- C:\Users\Admin\AppData\Roaming\ArcSoft\googleupd.exe -> ERROR [0]
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> ERROR [0]

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhostSmazáno

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x418cdd9600000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0x418cdd9600000000

¤¤¤ Webové prohlí?e?e : 9 ¤¤¤
[FIREFX:Addon] zfecvo39.default : Google? Translator [jid1-dgnIBwQga0SIBw@jetpack] -> Smazáno
[FIREFX:Addon] zfecvo39.default : Save Text to File [HighlightedTextToFile@bobbyrne01.org] -> Smazáno
[FIREFX:Addon] zfecvo39.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] zfecvo39.default : DownThemAll! [{DDC359D1-844A-42a7-9AA1-88A850A938A8}] -> Smazáno
[FIREFX:Addon] zfecvo39.default : Google? Translator Lite [jid1-f3mYMbCpz2AZYl@jetpack] -> Smazáno
[FIREFX:Addon] zfecvo39.default : S3.Google Translator [s3google@translator] -> Smazáno
[FIREFX:Addon] zfecvo39.default : eye perform 1.0.1 [{a099f353-be27-4260-8532-0fab017d0e4f}] -> Smazáno
[FIREFX:Addon] zfecvo39.default : CuttThePriCe [mCeYx@c6KJ56.org] -> Smazáno
[FIREFX:Addon] zfecvo39.default : bestadblocker [2cVnn@AV.org] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SI ATA Device +++++
--- User ---
[MBR] 13fa379bd7632cdd54e637eb18893955
[BSP] 40058e6b77cbc02e89872bb10cead5e9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([1] Nesprávná funkce. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

[bobsch2]

Zdravím, nejde mi otevřít jako správce Zoek, blokuje ho Rising scan. Zkoušel jsem stáhnout i jiné verze a pořád nic.

[Zuzi33]

Ahoj.

Tiež sa mi omylom podarilo stiahnúť tento program a neišlo mi ho žiadnym príkazom odinštalovať.
V uvedenom linku preposielam ľahučký návod na úplne odstránenie programu. Ale stále mám problém s vyskakovaním nežiadúcich okien v prehliadači, ktoré spomalujú internet...

https://www.youtube.com/watch?v=4PzxLPmFIgY

[jerabina]

bobsch2 použij ten návod od Zuzi, případně ten krok s odinstalací může být lehce odlišný, protože ta složka se možná bude jmenovat jinak, to je nutné najít. Poté udělej Zoek znova a log sem vlož.

To Zuzi: Založ si vlastní téma v sekci HiJackThis kam vlož log z programu HJT(návod v mém podpisu).

[bobsch2]

Najel jsem do ovládacích panelů odinstalace programů, a darebáka jsem tam našel i když před tím nebyl vidět. Odinstaloval jsem ho klasicky.
Ted zkusím rozjet Zoek.

[bobsch2]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Admin on ne 12.07.2015 at 20:03:46,14.
Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Admin\Desktop\Správa PC\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.7.2015 20:11:51 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\19c3ba1a-3723-469c-a19d-e1405990ac57 deleted successfully
C:\PROGRA~2\5c2f5bb1-23a5-4ea8-bd0f-30fb709cdbbf deleted successfully
C:\PROGRA~2\5c89b090-e56c-42c2-abd5-2f78c8839aa1 deleted successfully
C:\PROGRA~2\9e55b7eb-ab15-4687-8229-858b63fcd5c6 deleted successfully
C:\PROGRA~2\AGB-GT deleted successfully
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Air Conflicts Secret Wars Crack Only-FLT deleted successfully
C:\PROGRA~2\Bass Pro Shops - The Strike deleted successfully
C:\PROGRA~2\Black_Box deleted successfully
C:\PROGRA~2\DAP deleted successfully
C:\PROGRA~2\Dark Souls Prepare to Die Edition cestina deleted successfully
C:\PROGRA~2\DsNET Corp deleted successfully
C:\PROGRA~2\Fotolab deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\FreeTime deleted successfully
C:\PROGRA~2\G Data deleted successfully
C:\PROGRA~2\GoogleChromePortable deleted successfully
C:\PROGRA~2\GRETECH deleted successfully
C:\PROGRA~2\JetAudio deleted successfully
C:\PROGRA~2\KtLauncher deleted successfully
C:\PROGRA~2\MarkAny deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\R.G. Games deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\Share Rapid Uploader deleted successfully
C:\PROGRA~2\Spyware Terminator deleted successfully
C:\PROGRA~2\SystemDefend deleted successfully
C:\PROGRA~2\SystemVigor deleted successfully
C:\PROGRA~2\Tor deleted successfully
C:\PROGRA~2\Unzip Wizard deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\Webteh deleted successfully
C:\PROGRA~2\Wondershare deleted successfully
C:\PROGRA~2\COMMON~1\AOL deleted successfully
C:\PROGRA~2\COMMON~1\ArcSoft deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Bitdefender deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\SpeedProject deleted successfully
C:\Program Files\Common Files\DESIGNER deleted successfully
C:\PROGRA~3\Alternate deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\PROGRA~3\Focus Photoeditor 6 deleted successfully
C:\PROGRA~3\Focus Photoeditor 6 Users deleted successfully
C:\PROGRA~3\KASTNER software deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\SpeedBit deleted successfully
C:\Users\Admin\AppData\Roaming\COWON deleted successfully
C:\Users\Admin\AppData\Roaming\DMCache deleted successfully
C:\Users\Admin\AppData\Roaming\FreshDiagnose deleted successfully
C:\Users\Admin\AppData\Roaming\iolo deleted successfully
C:\Users\Admin\AppData\Roaming\IrfanView deleted successfully
C:\Users\Admin\AppData\Roaming\Moyea deleted successfully
C:\Users\Admin\AppData\Roaming\Pexeso deleted successfully
C:\Users\Admin\AppData\Roaming\QuickScan deleted successfully
C:\Users\Admin\AppData\Roaming\Real deleted successfully
C:\Users\Admin\AppData\Roaming\Ubisoft deleted successfully
C:\Users\Admin\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Admin\AppData\Roaming\__TMPZipFolder deleted successfully
C:\Users\Admin\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Admin\AppData\Local\EmieSiteList deleted successfully
C:\Users\Admin\AppData\Local\EmieUserList deleted successfully
C:\Users\Admin\AppData\Local\GHISLER deleted successfully
C:\Users\Admin\AppData\Local\Samsung deleted successfully
C:\Users\Admin\AppData\Local\TomTom deleted successfully
C:\Users\Admin\AppData\Local\Unity deleted successfully
C:\Users\Arnochtomag\AppData\Local\MediaServer deleted successfully
C:\Users\Arnochtomag\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{109E30F-A0D0-4846-8C85-EF516264318} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1720435-1998-46CC-8CD2-67FDCCFC8678} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26E26EEB-D17C-487E-AC4-387496BA42} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27B8ADC6-6718-49A5-B914-3CE2196A3DA} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32EDF15C-3291-43D2-8F75-B90CEB74844} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40448E2F-D47A-478F-8FB5-A2ACD3056E75} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46A62139-5EB0-4212-B118-40E6C41E4E52} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A7C545D-CF3D-4FEA-8CD8-4F1DAAB3049} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ABE3D6E-108-4DEB-9E43-B3BAE0CF97} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC9377E-4C01-4367-9E9D-DE9EA53B5A5} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B405145-1326-4BA5-841F-503157ECFFCC} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AAB5D3C-5E4E-41CC-89DD-A2E333CA7961} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AEB9C92-C99B-48AD-BFA4-EE798665E3FB} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{613E008A-3A59-4C59-A467-E88A7320B476} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{620C970C-FB50-40EA-8D6C-EA8C97CF41} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63E3640A-C347-491E-9CFD-C0BF9D6E818C} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DBA1BEB-9272-4E52-96A-BF8D23A5E626} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EE0BDD-A8FF-4E12-B668-6338BA7C216} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{700E1A9D-55E5-490B-A72C-822594F9F7F} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71428E72-658-4B66-AF62-D0155467E8DB} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E8686F-9180-4065-8B3F-CADB5FBFF9CE} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D94AA6-E1FE-4EF1-A0F6-D7E075F91BC} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DC5FAA-A439-435D-8948-6F98F0E0503E} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95F34EB9-6DB-49B0-99BB-D7CC92AA5A21} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FCF5DA9-66F3-4EA0-B240-5DAAB5B26C8} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD99464-6C15-459B-B9DB-4681C1C5FDBA} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B06041D8-5CBB-4082-8653-9DCBC03E3B3B} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDDE5606-3D18-4BB3-9A65-0CCB449CA9D} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBBF2845-F872-42C0-A313-D6DE7C88180} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF24BC5B-F857-4B57-9E4A-14C3A87CBCE} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ef56b20a-c11f-467c-bfcb-a122a42e2177} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFB866C6-4D02-450F-8ADA-977CABEFE9} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7F9DC2-7E18-4CA3-BB6B-AA425992AEB7} deleted successfully
HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8250708-D4-4D3E-989F-13AB988E91B6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ef56b20a-c11f-467c-bfcb-a122a42e2177} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-572532400-2546031134-3008305638-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default\prefs.js:
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.newtab.url", "about:blank");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Admin\AppData\Roaming\Thunderbird\Profiles\af1ytsma.default\prefs.js:

Added to C:\Users\Admin\AppData\Roaming\Thunderbird\Profiles\af1ytsma.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");

Added to C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default

user.js not found
---- Lines eye perform removed from prefs.js ----
user_pref("extensions.eye perform.asul", "1436383545716");
user_pref("extensions.eye perform.aul", "1436383544220");
user_pref("extensions.eye perform.irl", true);
user_pref("extensions.eye perform.is", "dgbp2cz");
user_pref("extensions.eye perform.ug", "C5D8A148-018A-416F-B5B5-5D4010179466");
---- Lines extensions.Ixql7v9frwaHH6ct removed from prefs.js ----
user_pref("extensions.Ixql7v9frwaHH6ct.epoch", "1436469962");
user_pref("extensions.Ixql7v9frwaHH6ct.url", "http://webdireect.in/sync2/?q=hfZ9ofV9CShEAen0rTn9rHCMg708BNmGWj8deShGheDUojw8rdCEqTsFrjk9rShIC7n0rjkEqH
---- Lines extensions.cMAoAmwn94NU1BqP removed from prefs.js ----
user_pref("extensions.cMAoAmwn94NU1BqP.epoch", "1436469962");
user_pref("extensions.cMAoAmwn94NU1BqP.url", "http://southlord.info/sync2/?q=hfZ9oelNAyPRDchEAen0rTn9rHCMg708BNmGWj8deShGheDUojw8rdCEqTsFrjkEqchIC7n0r
---- FireFox user.js and prefs.js backups ----

prefs_12.07.2015_2026_.backup

ProfilePath: C:\Users\Admin\AppData\Roaming\Thunderbird\Profiles\af1ytsma.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_12.07.2015_2026_.backup

ProfilePath: C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_12.07.2015_2026_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Batch Command(s) Run By Tool======================


Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\19c3ba1a-3723-469c-a19d-e1405990ac57 not found
C:\PROGRA~2\5c2f5bb1-23a5-4ea8-bd0f-30fb709cdbbf not found
C:\PROGRA~2\5c89b090-e56c-42c2-abd5-2f78c8839aa1 not found
C:\PROGRA~2\9e55b7eb-ab15-4687-8229-858b63fcd5c6 not found
C:\PROGRA~2\AGB-GT not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Air Conflicts Secret Wars Crack Only-FLT not found
C:\PROGRA~2\Bass Pro Shops - The Strike not found
C:\PROGRA~2\Black_Box not found
C:\PROGRA~2\DAP not found
C:\PROGRA~2\Dark Souls Prepare to Die Edition cestina not found
C:\PROGRA~2\DsNET Corp not found
C:\PROGRA~2\Fotolab not found
C:\PROGRA~2\Freemake not found
C:\PROGRA~2\FreeTime not found
C:\PROGRA~2\G Data not found
C:\PROGRA~2\GoogleChromePortable not found
C:\PROGRA~2\GRETECH not found
C:\PROGRA~2\JetAudio not found
C:\PROGRA~2\KtLauncher not found
C:\PROGRA~2\MarkAny not found
C:\PROGRA~2\R.G. Games not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\Share Rapid Uploader not found
C:\PROGRA~2\Spyware Terminator not found
C:\PROGRA~2\SystemDefend not found
C:\PROGRA~2\SystemVigor not found
C:\PROGRA~2\Tor not found
C:\PROGRA~2\Unzip Wizard not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\Webteh not found
C:\PROGRA~2\Wondershare not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~2\ExtractNow deleted
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\PROGRA~2\Musix Search deleted
C:\PROGRA~2\Notable PDF deleted
C:\PROGRA~2\Windows Media Adapter v615 deleted
C:\Users\Admin\AppData\LocalLow\{14385916-B8FE-C9DD-6530-ED069FF59E7B} deleted
C:\Users\Admin\AppData\LocalLow\{825B82D2-1AB0-2302-C75E-FE66CD049F01} deleted
C:\Users\Admin\AppData\LocalLow\{9FD3D761-2B09-DA1A-0229-0248A05B0334} deleted
C:\Users\Admin\AppData\LocalLow\{A2DD68F2-640C-43AC-FE8A-58B6C4B7F0A2} deleted
C:\Users\Admin\AppData\LocalLow\{CFB5FD45-1726-0744-02A0-C00F47717662} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{14385916-B8FE-C9DD-6530-ED069FF59E7B} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{825B82D2-1AB0-2302-C75E-FE66CD049F01} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{9FD3D761-2B09-DA1A-0229-0248A05B0334} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{A2DD68F2-640C-43AC-FE8A-58B6C4B7F0A2} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{CFB5FD45-1726-0744-02A0-C00F47717662} deleted
C:\Users\Admin\AppData\Local\Packages\windows_ie_ac_001\AC\{F1C915B0-03B9-AC4C-1361-86D05C11BABE} deleted
C:\Users\Admin\.android deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Admin\AppData\Roaming\LogFile.txt deleted
C:\Users\Admin\AppData\Roaming\Alawar deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Admin\AppData\Local\Wondershare deleted
C:\Users\Admin\AppData\Local\cache deleted
C:\Users\Admin\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Users\Admin\AppData\LocalLow\{07D3E038-AD8D-8A19-CF2D-1A2D7C23C147} deleted
C:\Users\Admin\AppData\LocalLow\{F1C915B0-03B9-AC4C-1361-86D05C11BABE} deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\SysWOW64\LavasoftTcpService.dll deleted
C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default\jetpack deleted
C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default\extensions\staged deleted
"C:\Users\Admin\AppData\Roaming\D9lVOK7PoavtV96" deleted
"C:\Users\Admin\AppData\Roaming\dUkLGUjDGJqaY51PWq6RiU" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Admin\AppData\Roaming\Thunderbird\Profiles\af1ytsma.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default
- Noia Fox - %ProfilePath%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi

ProfilePath: C:\Users\Admin\AppData\Roaming\Thunderbird\Profiles\af1ytsma.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

ProfilePath: C:\Users\ARNOCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\qxkknb3d.default
- Google Search by Image - %ProfilePath%\extensions\google@hitachi.com.xpi
- Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
- Google Translator Lite - %ProfilePath%\extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- translator - %ProfilePath%\extensions\translator@dontfollowme.net.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Quick Translator - %ProfilePath%\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype extension - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zfecvo39.default
B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Users\Admin\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
CEBC703D0423C181A2BA4AEB06AA874A - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Admin\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Admin\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fmbckaaebjcfklhfnlgjknikhedgknba - C:\ProgramData\ADDICT-THING\fmbckaaebjcfklhfnlgjknikhedgknba.crx[]
pikbbdcapibdfedkpcnaeleckpgchomj - C:\ProgramData\SaveAs\pikbbdcapibdfedkpcnaeleckpgchomj.crx[]

Seznam Lištička - Email - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
History Button - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh
AdBlock - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Seznam Lištička - Rychlá volba - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
wEbsave - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afgccndfngkfnaceggnncnnooemeeobp
ssave net - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomgadenaajfdgcnelkekjkcinigmocg
Musix Search - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\balimbofoedmklhpnchbgmlfipgpbjnl
Doownload keeper - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cbhkjfnhdfcbeaicgckieejnnnpblilb
save neoT - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cphifnogfkoclpepddpdialblmlldldc
Notable PDF - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk
save net - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gllhfbpfcghpbocbenkbpgfhpahjjpii
sUrf andd keep - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjligdppgmnpknnepagkinchbapplieb
CinemaP-1.9cV06.07 - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
saave net - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhfjfjiaeldbceibdohgopbnekhmpnff
Saeve net - Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbkdlkjinppjaijpiiidgdncjdcklam
Red Fox Snow Theme - Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgaadipmojdihomphfmjphmelinpdalg
quickieZoom - Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\bekmnilenpmnmmiaokgoclkegllkgbok
Translator - Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch
Gmail on speed dial - Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipbblipgmilipflgplphffjhipcmidlb

==== Chromium Startpages ======================

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
y":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":131100},"supports_spdy":true},"www.google.cz:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":72354},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":78829}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":130598},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":130025},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":141907}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":132500},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.tumblr.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":171583},"supports_spdy":true},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":150196},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":130110},"supports_spdy":true}},"supports_quic":{"address":"::ffff:2a00:1028","used_quic":true},"version":3}},"ntp":{"app_page_names":["Aplikace"],"collapsed_foreign_sessions":{}},"partition":{"default_zoom_level":{"14695981038468906945":3.069389038663465},"per_host_zoom_levels":{"14695981038468906945":{"teletrade-dj.cz":-7.6035680338478615}}},"password_bubble":{"nopes":0},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":12,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]loadsj.casa,*":{"setting":2}},"cookies":{},"fullscreen":{"[*.]darksouls.wiki.fextralife.com,*":{"setting":1},"[*.]pc.bazos.cz,*":{"setting":1},"[*.]tv.isport.blesk.cz,*":{"setting":1},"[*.]www.gamespot.com,*":{"setting":1},"[*.]www.qsresolve.com,*":{"setting":1},"[*.]www.sharpblades.cz,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]darksouls.wiki.fextralife.com,*":{"fullscreen":1},"[*.]loadsj.casa,*":{"multiple-automatic-downloads":2},"[*.]pc.bazos.cz,*":{"fullscreen":1},"[*.]tv.isport.blesk.cz,*":{"fullscreen":1},"[*.]www.gamespot.com,*":{"fullscreen":1},"[*.]www.qsresolve.com,*":{"fullscreen":1},"[*.]www.sharpblades.cz,*":{"fullscreen":1},"http://www.mapy.cz:80,http://www.mapy.cz:80":{"geolocation":2},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://www.google.cz:443,*":{"media-stream-mic":1}},"pref_version":1},"created_by_version":"43.0.2357.81","default_content_settings":{},"exit_type":"Crashed","exited_cleanly":true,"gaia_info_picture_url":"https://lh6.googleusercontent.com/-ZW2ZSjf46sQ/AAAAAAAAAAI/AAAAAAAAABU/MofyExbpKYE/s256-c/photo.jpg","gaia_info_update_time":"13081174209768592","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"PrvnĂ­ uĹľivatel","per_host_zoom_levels":{}},"protection":{"macs":{}},"reverse_autologin":{"enabled":false},"safebrowsing":{"enabled":true},"selectfile":{"last_directory":"C:\\Users\\Admin\\Desktop\\HM Studio"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13080861718254600"},"signin":{"signedin_time":"13081087805238307"},"sync":{"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAbQQWQj0NZEKT69LgO735ZQAAAAACAAAAAAAQZgAAAAEAACAAAAB0qsW/BI1FoET7qizYMODnKnvfAqym83SgKi5oPiGlRwAAAAAOgAAAAAIAACAAAADGbNj892z5pFoZbkk7L3QWuqHZOI9LaVuA/cPy7UR440AAAADFDA3cYdTXecsLKbVl5zZWWPpgx/c2W5FwX4/XnCvbCx0sNfc2VQdwPGm8uQCE6XeQ0PmHOgZZ/jSGCqO08NYUQAAAAMTo5ZyyH/68R/Q2T/fMfuTepva4tJxevNAyY4F4Ns/Elom0Pci40gvQw1Y/KYcd0fnkHVLlELE3Lkmt5V+bqac=","first_sync_time":"13081087805855307","has_setup_completed":true,"keystore_encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAbQQWQj0NZEKT69LgO735ZQAAAAACAAAAAAAQZgAAAAEAACAAAAAYrYc7mW1rtfid/Ty/rAl5rjemUeK7nlTEKUU4HCasmQAAAAAOgAAAAAIAACAAAADzSLFqDCxxE7F279Fnp7IMs0iITm28cteCKi29agZWaVAAAABfwkV+xLVQc0dRu9W/9gE98WUg2X07TcLZ4SJDbo9dx5/J9+JvGlcIbzBF4Z2EwZs98b2OqMdbJPEWcJTZna6Cj6/xtNrDE0VfzinJ1oMhsUAAAAB7/uks/GftIyKywpXT/7342WonDi+fesdIdmTkra32AWDdFyKNzn57Wsz2rSm5RIBJlqlaM/HCfcKNq99BqrB4","last_synced_time":"13081198265611713","session_sync_guid":"session_sync+lOwl07CdzYCfU643IStEA==","suppress_start":false},"translate_accepted_count":{"bg":1,"ca":0,"de":1,"el":1,"en":5,"es":0,"fa":0,"fr":1,"hr":0,"hu":0,"it":0,"ja":1,"lt":2,"nl":1,"pl":0,"pt":0,"ro":0,"ru":0,"sk":0,"sl":0,"sr":0,"sv":1,"tr":1,"und":4,"vi":0,"zh-CN":3},"translate_blocked_languages":["cs"],"translate_denied_count":{"bg":0,"ca":1,"de":0,"el":0,"en":0,"es":2,"fa":1,"fr":0,"hr":5,"hu":1,"it":2,"ja":0,"lt":0,"nl":0,"pl":5,"pt":6,"ro":3,"ru":18,"sk":39,"sl":3,"sr":3,"sv":0,"tr":0,"und":0,"vi":1,"zh-CN":0},"translate_last_denied_time":1436455054814.779,"translate_too_often_denied":true,"translate_whitelists":{},"webkit":{"webprefs":{"default_fixed_font_size":17,"default_font_size":20}}}
notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13080861751915636","lastpingday":"13081158002271695","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"cs","default_locale":"en","description":"Rychlý e-mail s možností vyhledávání a menším množstvím spamu.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_1","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"arnochtomag@gmail.com","username":"arnochtomag@gmail.com"}},"homepage":"https://www.seznam.cz/","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"147382AA6790C66351B5ACDC8A58F19AE891C20298868C03EAC78EACC52018A5"},"default_search_provider":{"keyword":"A7CC6B58F9C7A2461FA3BCFA5D65B8F467D446F4965DE512E9A97C16163BAFF2","name":"ADE86E34EFA2C71CA62CE3D3311F1795AEE58E1B431CD5B90D19886C4C4E410B","search_url":"6718AFD777A90C99807B427F4CBB37D6AAB55D06488F3FD37A0F20FE31F6440A"},"default_search_provider_data":{"template_url_data":"CD1C858894A1B2AE07D6A21E77D8AC354C1D510BD5310005C1AF6E1C11C6CC01"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"3B8717D869CDAF44B7761FF3F9846BDCE80CCC59619A22CC5FEF54C43383CD24","ahfgeienlihckogmohjhadlkjgocpleb":"12152F748B98B62420438DF81691D74543958503961BD693C8307EB430C88685","aohghmighlieiainnegkcijnfilokake":"11323871748506A631B722875B1A467472F2DBFD0152098CF07EA34A9DCDB7AD","apdfllckaahabafndbhieahigkjlhalf":"ED508A28ED3B6525AB1D059936CAC5A983292140501074DD5EB0928E120C0E6C","bepbmhgboaologfdajaanbcjmnhjmhfn":"72DBE691F1C11972217A0C8D187F423C83DF62B2C1EDA4983E370B748613452A","bgjpfhpjcgdppjbgnpnjllokbmcdllig":"2187281903C71C4A1109994423060222A93BC4E413BA4CAC41564AA5B53C9D6D","blmojkbhnkkphngknkmgccmlenfaelkd":"56CBBC0B51511BD68A2CE4DF6A934AC4FBFCA40BB41E15BE33CD4FD49879E6FE","blpcfgokakmgnkcojhhkbfbldkacnbeo":"A4666FF7846D6374F6673D809AA90B5A081DD5A659664DB9FDF78A96D02ABC5A","cfhdojbkjhnklbpkdaibdccddilifddb":"DA95CB773D394260D502F9383960FEEFF9787F57D240EF2A0B4A41A47F559BF2","coobgpohoikkiipiblmjeljniedjpjpf":"1CBDDC5F3A09036ADD898443D4FCB00639A469A7AF6432C18C50B1D791C8959C","eemcgdkfndhakfknompkggombfjjjeno":"80AFD13ACD974D1672ADC02124F8989382309B7DBED06806F9A680E55EAE242C","ejidjjhkpiempkbhmpbfngldlkglhimk":"FEEBB41AF98C028204EF71479A9CA30CDBC4ADBC76998784B79F9193EC966CEE","ennkphjdgehloodpbhlhldgbnhmacadg":"4212FB68288B0B2757D73C7BA8E8A1E14D0E137CD94BC25BCAAF9DAFDA87FDC4","felcaaldnbdncclmgdcncolpebgiejap":"F9197D2BB5B72C1964382ECCFC0D5183B581116B59F446482157A186A99B66FD","fofpnhmbgmmeaialapfddhbhfongoinh":"4430751CF7B8213B6C7FAA02AA9C3E186AE3EB4BF46F5C175C7BB3F99F72BBB8","fpldenmonegjehgjjlclifdemfibgdei":"03D79F0C04B8E7809972747AABA69E4BB4D1D31DF154B717B5C77037D1693A43","gfdkimpbcpahaombhbimeihdjnejgicl":"F3D3D556389289622D8B25CF5FF4406E4C5B043A3C3D25DBFD136BD3E67820A8","gighmmpiobklfepjocnamgkkbiglidom":"7D74D49556FC4D3198A1AC32CB1BFF93A1942051F24C59551242C26D7C5E2024","kmendfapggjehodndflmmgagdbamhnfd":"A3EC8C3CB1F2E314A84702AC7C8377CB04B85CDF1E72C8BBBFAFCA9B2BA24BAD","kmonecbahpkiehphchncoincemlddoip":"2F4B3E12047BB9EFB9D2DEF0483BA6FDFE29E7C41F8936A21129E02B9977F269","mfehgcgbbipciphmccgaenjidiccnmng":"FD32B8DD61DFD4AB84BC8B2E9434B411BF6F02067E704693E560F4E78A7822C4","mfffpogegjflfpflabcdkioaeobkgjik":"8F70B44507E8D1BF1A09BBB712B03459FC066866D3B24589F029E302CACCF75E","mgndgikekgjfcpckkfioiadnlibdjbkf":"6F81F9D61BAC5D0795F8A199D2789BE69A38C46A97D3E87D323A55FEB89C0505","mhjfbmdgcfjbbpaeojofohoefgiehjai":"C0EB4DE6500D56F7A19B14C70C6F52F17F4F3BA2066CA55306FF5D0A0FD12E5E","neajdppkdcdipfabeoofebfddakdcjhd":"20F6F74135626EAD240410C453AC779E62A7E3E48F1E8CFC2D4A56B6946BB6A7","nkeimhogjdpnpccoofpliimaahmaaome":"E93FD09E56CC7116BE13217A768B913A4FC091017BDADADA47C5A8678F244B6A","nmmhkkegccagdldgiimedpiccmgmieda":"C5949EB32C1C249244898EF4CE4938B22B0E396F611B38E57C1BA51C56E3E791","olfeabkoenfaoljndfecamgilllcpiak":"502CC05EE6D142BD63DBB74FAA48C52ED17B651A69936BF70AA4B4DA11D520CD","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"9407C6077BA505DFCD0D8F1D74EE4A16D5ACAF2D99C0BB29726998DCA55460F8","pihoaippkedekppaagjbanlbdjmapoai":"7E95D8FD88354D9F4907D84AF3A42C6D76C2059E28AC63D66F1177668168A476","pjkljhegncpnkpknbcohdijeoejaedia":"7DAF9697A24F877B495504A38CC1863BF541E0AADD7D2F1BD2D4D94E8FA18AD5"}},"google":{"services":{"last_username":"D37EB5B24A9BF8EF636A7E1AD2E62D95761A95E04021F0F2B380AF2FD548C98B","username":"018F1415E92F3B1F165F828C137E5A4780612C82E62EE2F984BE22BBE583E35C"}},"homepage":"6D05407D7E4651C0B897361DD9CA306FE08880952346A13CE6FBE3C0F794C5B1","homepage_is_newtabpage":"8993FF94C0AEB61FD98A4950CAF9C2F8DB868B1F653F68A379969855A1BEE0F8","pinned_tabs":"41A57B6C32B07C855C840A08AE9884E4F56C0DCB62FE737806EEA0AD591FE0DF","prefs":{"preference_reset_time":"1D09F80F9426608743742D0C50A35BBA070292BE5596A3A2AA6AAAB07DA7EE3E"},"profile":{"reset_prompt_memento":"16CABAC69E5CB56392769A25D326B31FCFE80F3D400946DB566F92FA3C280496"},"safebrowsing":{"incidents_sent":"200F717F9D96DF1F254C67F63EA1A29686120A9EA6C5B8D8C15A203E598755D1"},"search_provider_overrides":"EA72364D872E3B4363E46ABA8E31660CA77CAE82FE62AE4558EE482EA1158F8A","session":{"restore_on_startup":"03ADB347FD6848AA348681F76A606544114F6E5616474854FF526BB9D96FC116","startup_urls":"A9134EA0555E1153BB1C11537BCAF13E03BC196686C214E156D89F0374FB2FA4"},"software_reporter":{"prompt_reason":"C4999009F05D66E5DFE2DBF4E5A819DEB60935FC554FC4D9AD0FB366E10454A7","prompt_seed":"D6A65F5645D46D64F24E732AEBBA35F255E23C3D1BF48D639D94551114BA2260","prompt_version":"197791EEEAE0B32812276550010112F4FD06472B6CCAE51D2AE9A4786EFEEF87"},"sync":{"remaining_rollback_tries":"7A91C36A755D2A68A6967DB1C0ACF304B34C3AE22515BB215DB39938BC188CC2"}},"super_mac":"BA7EB3F61EB98D1773C461B1E8611286648737599CD4E9C2603E4E6E6BACFCC3"},"session":{"restore_on_startup":4,"startup_urls":["http://www.seznam.cz/","http://www.google.cz/","https://www.google.cz/","https://www.seznam.cz/"]},"sync":{"remaining_rollback_tries":0}}

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
"homepage": "http://websearch.hotsearches.info/?pid=24437&r=2015/07/06&hid=10768843548585472101&lg=EN&cc=CZ&unqvl=90",

C:\Users\Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",

C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Preferences
"startup_urls": [ "http://www.seznam.cz/" ],


==== Chromium Fix ======================

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_torrent-finder.info_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_torrent-finder.info_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afgccndfngkfnaceggnncnnooemeeobp deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_afgccndfngkfnaceggnncnnooemeeobp_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_afgccndfngkfnaceggnncnnooemeeobp_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipbblipgmilipflgplphffjhipcmidlb deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomgadenaajfdgcnelkekjkcinigmocg deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_aomgadenaajfdgcnelkekjkcinigmocg_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_aomgadenaajfdgcnelkekjkcinigmocg_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\balimbofoedmklhpnchbgmlfipgpbjnl deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balimbofoedmklhpnchbgmlfipgpbjnl deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cbhkjfnhdfcbeaicgckieejnnnpblilb deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cphifnogfkoclpepddpdialblmlldldc deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_cphifnogfkoclpepddpdialblmlldldc_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_cphifnogfkoclpepddpdialblmlldldc_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gllhfbpfcghpbocbenkbpgfhpahjjpii deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gllhfbpfcghpbocbenkbpgfhpahjjpii_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gllhfbpfcghpbocbenkbpgfhpahjjpii_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjligdppgmnpknnepagkinchbapplieb deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_hjligdppgmnpknnepagkinchbapplieb_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_hjligdppgmnpknnepagkinchbapplieb_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhfjfjiaeldbceibdohgopbnekhmpnff deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_nhfjfjiaeldbceibdohgopbnekhmpnff_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_nhfjfjiaeldbceibdohgopbnekhmpnff_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppbkdlkjinppjaijpiiidgdncjdcklam deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ppbkdlkjinppjaijpiiidgdncjdcklam_0.localstorage deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ppbkdlkjinppjaijpiiidgdncjdcklam_0.localstorage-journal deleted successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{5CE25775-92B7-477d-9603-852F0B34D8B0} ???? Url="http://www.sogou.com/sogou?query={searchTerms}&pid=sogou-wsse-91e50fe1e39af286"

==== Reset Google Chrome ======================

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences.bak was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF3dfae2.TMP was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fmbckaaebjcfklhfnlgjknikhedgknba deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pikbbdcapibdfedkpcnaeleckpgchomj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OnTranslator deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4B9B38AE4C8290791A3BEA919FBE62CB47D281A8._service_run deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\NetworkService\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Spravce\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Admin\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\Arnochtomag\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=504 folders=161 29151880 bytes)

==== Empty Temp Folders ======================

C:\Users\Admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Arnochtomag\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Admin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on ne 12.07.2015 at 20:34:50,24 ======================

[jerabina]

Super

Co problémy?

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[bobsch2]

Zdravím a omlouvám se, že píšu tak pozdě, měl jsem osobní problémy a ještě k tomu problém s PC. Chci Vám poděkovat a vše už je v pořádku. Díky Bobsch2