kontrola logu

hautchr · Příspěvekod **hautchr** » 15 led 2016 17:13

prosim o kontrolu logu, podezreni na napadeni PC, nekdo mi naboural ucet mailu a FB (oboje jine heslo)
predem dekuji:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:08:05, on 15.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)

FIREFOX: 43.0.4 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\Radek\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Radek\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Radek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\ASDownloadAll.htm
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\ASDownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9797 bytes

Reklama

Příspěvekod **Orcus** » 15 led 2016 20:01

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na tlačítko "Logfile" načež se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
- Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:

Aktualizace Malwarebytes' Anti-Malware
Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec

- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

hautchr · Příspěvekod **hautchr** » 15 led 2016 20:59

# AdwCleaner v5.029 - Logfile created 15/01/2016 at 20:41:18
# Updated 11/01/2016 by Xplode
# Database : 2016-01-14.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Radek - PC
# Running from : C:\Users\Radek\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\PANDORA.TV
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Radek\AppData\Local\apn
Folder Found : C:\Users\Radek\AppData\Roaming\OCS
Folder Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\SweetIMToolbarData
Folder Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Files ] *****

File Found : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
File Found : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Found : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
File Found : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\icqplugin.xml
File Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\SweetIM Search.xml
File Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\SweetIm.xml

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\OCS
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1194237-547A-461d-BD44-B97B1574A7DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F70AE624-2B41-476F-BC9C-0A7F158C3F15}
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\7324911AA745D164DB449BB751477AAD
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\426EA07F14B2F674CBC9A0F751C8F351
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\7324911AA745D164DB449BB751477AAD
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\426EA07F14B2F674CBC9A0F751C8F351
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7324911AA745D164DB449BB751477AAD
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\426EA07F14B2F674CBC9A0F751C8F351
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{93999C30-332A-4058-B8BC-79BFCBCD8D96}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [ Web browsers ] *****

[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,quickstores@quickstores.[...]
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("icqtoolbar.installsource", "1");
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("icqtoolbar.showPc", false);
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("icqtoolbar.skip_default_search", "yes");
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("quickstores.toolbar.affid", "2006");
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("quickstores.toolbar.guid", "{A9AE1AAC-946E-D336-6EE9-011FBF27615A}");
[C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : crawler.com
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : toolbar.inbox.com
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [16976 bytes] ##########

hautchr · Příspěvekod **hautchr** » 15 led 2016 21:19

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.1.2016
Čas skenování: 21:02
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.15.07
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Radek

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 352683
Uplynulý čas: 16 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe, 3624, , [11e2a099d4c53afc75f205c3f50ffd03]

Moduly: 28
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll, , [1cd7d168267396a0f374e3e5ae56758b],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll, , [8d6618219504f442c1a6ebddc0441de3],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll, , [3fb417228019d95d45225c6c59ab8e72],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll, , [45ae0b2e8019989ed2954a7ef50f23dd],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll, , [f5fe81b8504985b1f473b71106fe1be5],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll, , [ed0689b03267181ef86fd4f427dda858],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll, , [c1326acf2f6a300682e504c420e4cf31],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],

Klíče registru: 67
PUP.Optional.SweetPacks, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, , [dd16ec4d0f8a4de94c15a7d438ca56aa],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, , [dd16ec4d0f8a4de94c15a7d438ca56aa],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE.1, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE.1, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE.1, , [559ea495f7a22a0cce9371e5aa5839c7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar.1, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar.1, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar.1, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [1dd60336178296a0d7668e5046bd4ab6],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [f0036ccdc0d9142205381cc2e41fb44c],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, , [ac478baef9a0d4623411f1ed8c7733cd],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [b63db782b3e6c274c37ad30b3cc7ef11],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [e310af8aaceda5913a033ba30102fc04],
PUP.Optional.SweetIM, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\SweetIM, , [a74c56e38b0ead896cd4af2fdf24b050],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\CONDUIT\DistributionEngine, , [a64d0a2f5247211562e59a054ab9966a],
PUP.Optional.ICQ, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}, , [6b88ab8edabf46f00c096e5327dcca36],
PUP.Optional.Spigot, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{93999C30-332A-4058-B8BC-79BFCBCD8D96}, , [3fb418217326bb7b1ef37b616e957c84],
PUP.Optional.DaemonSearch, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}, , [668dd861a3f68da942fba0309c6642be],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\TYPELIB\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A439801C-961D-452C-AB42-7848E9CBD289}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A439801C-961D-452C-AB42-7848E9CBD289}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\MgMediaPlayer.GifAnimator.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\MgMediaPlayer.GifAnimator, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MgMediaPlayer.GifAnimator, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MgMediaPlayer.GifAnimator, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MgMediaPlayer.GifAnimator.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MgMediaPlayer.GifAnimator.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\MediaPlayer.GraphicsUtils.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\MediaPlayer.GraphicsUtils, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MediaPlayer.GraphicsUtils, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MediaPlayer.GraphicsUtils, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MediaPlayer.GraphicsUtils.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MediaPlayer.GraphicsUtils.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEE6C35F-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C35A-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C35A-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EEE6C35A-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEE6C35F-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EEE6C35F-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, , [ea09d6639efb181e2e2000bfd82a9967],

Hodnoty registru: 11
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SweetIM, C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe, , [11e2a099d4c53afc75f205c3f50ffd03]
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{EEE6C35B-6118-11DC-9C72-001320C79847}, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{EEE6C35B-6118-11DC-9C72-001320C79847}, , [22d1e554f8a1f73f223ed6a555ad1ee2],
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, http://search.sweetim.com/search.asp?src=6&q={searchTerms}, , [c62d6acf47524ee83a09f5e98b784cb4]
PUP.Optional.ICQ, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|URL, http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd, , [6b88ab8edabf46f00c096e5327dcca36]
PUP.Optional.ICQ, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6552C7DD-90A4-4387-B795-F8F96747DE19}|FaviconURL, http://c.icq.com/favicon.ico, , [757ecb6ecfca2016eb2a5170ad560df3]
PUP.Optional.Spigot, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{93999C30-332A-4058-B8BC-79BFCBCD8D96}|URL, http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}, , [3fb418217326bb7b1ef37b616e957c84]
PUP.Optional.DaemonSearch, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}|URL, http://www.daemon-search.com/search?q={searchTerms}, , [668dd861a3f68da942fba0309c6642be]
PUP.Optional.SweetIM, HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, http://search.sweetim.com/search.asp?src=6&q={searchTerms}, , [90631326702983b3c37cbc22aa59619f]
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE, 1, , [ea09d6639efb181e2e2000bfd82a9967]
PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL, 1, , [ea09d6639efb181e2e2000bfd82a9967]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 42
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de, , [767d84b59affda5c30230aafb949c53b],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome, , [767d84b59affda5c30230aafb949c53b],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\293077229, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\Bars, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\Bars\Default, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\packages, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\logs, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\update, , [fef57bbe0c8dad8928a0755431d145bb],

Soubory: 242
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll, , [f201b1885c3da98dbfa81aae788c936d],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe, , [11e2a099d4c53afc75f205c3f50ffd03],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll, , [1cd7d168267396a0f374e3e5ae56758b],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll, , [8d6618219504f442c1a6ebddc0441de3],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll, , [3fb417228019d95d45225c6c59ab8e72],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll, , [45ae0b2e8019989ed2954a7ef50f23dd],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll, , [f5fe81b8504985b1f473b71106fe1be5],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll, , [ed0689b03267181ef86fd4f427dda858],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll, , [c1326acf2f6a300682e504c420e4cf31],
PUP.Optional.SweetIM, C:\Windows\Installer\759d03.msi, , [cf2480b91b7e092d3c2bc10717edd828],
PUP.Optional.SweetIM, C:\Windows\Installer\759d0b.msi, , [827166d3b3e6a2943037e2e6cd3755ab],
PUP.Optional.ICQPlugin, C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\icqplugin.xml, , [f1020d2c6c2d1f1754c33091a063d030],
PUP.Optional.SweetIM, C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\SweetIM Search.xml, , [e0130f2a5247fb3b43f5825ced1626da],
PUP.Optional.SweetIM, C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\sweetim.xml, , [7c77ee4bfb9e4fe7ad8b845a06fd03fd],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\BG\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\DE\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\EN\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\ES\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\FR\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\HE\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\IT\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\RU\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\SK\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\Configuration.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\OptionDlg.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\RegionalSettings.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.ICQToolbar, C:\ProgramData\ICQ\ICQToolbar\XML\TR\UserInterface.xml, , [37bc78c1405940f67c945e529f63fe02],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome.manifest, , [767d84b59affda5c30230aafb949c53b],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\install.rdf, , [767d84b59affda5c30230aafb949c53b],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome\quickstorestoolbar.jar, , [767d84b59affda5c30230aafb949c53b],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\default.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\version.txt, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png, , [ea09d6639efb181e2e2000bfd82a9967],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\adapter.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\autoupdate.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\contentpackages.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\logger.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\messages.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\sweetimapp.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\content_update_notification.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\emoticons_shortcut.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\lastuse_DisplayPictures.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\lastuse_Emoticons.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\lastuse_SpecialFX.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\lastuse_Winks.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\265625805\user_config.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\293077229\content_update_notification.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\293077229\emoticons_shortcut.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\conf\users\293077229\user_config.xml, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\Bars\Default\bar.html, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\Bars\Default\bar.js, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\Bars\Default\bar.swf, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020459.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00010941.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000109A0.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000109E5.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020147.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\0002017C.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000201AD.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\0002020C.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000202D6.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020337.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020351.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\0002037A.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\0002039F.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203C8.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203D2.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203DB.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203DE.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203F0.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203F5.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000203FC.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020449.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020458.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020461.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020473.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000204AB.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000204E9.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000204F3.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000205A9.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000205AB.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000205AF.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000205B2.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00020689.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000206C2.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00060033.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00060033.dat.jpeg, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\000800E5.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\00080123.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\activationFail.htm, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\close_but.gif, , [fef57bbe0c8dad8928a0755431d145bb],
PUP.Optional.SweetIM, C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\failure_dialog_BG.jpg, , [fef57bbe0c8dad8928a0755431d145bb],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jerabina** » 15 led 2016 21:38

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

hautchr · Příspěvekod **hautchr** » 15 led 2016 22:18

# AdwCleaner v5.029 - Logfile created 15/01/2016 at 22:13:10
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Radek - PC
# Running from : C:\Users\Radek\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[-] Folder Deleted : C:\Program Files (x86)\SweetIM
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
[-] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[-] Folder Deleted : C:\ProgramData\SweetIM
[-] Folder Deleted : C:\Users\Radek\AppData\Local\apn
[-] Folder Deleted : C:\Users\Radek\AppData\Roaming\OCS
[-] Folder Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\SweetIMToolbarData
[-] Folder Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Files ] *****

[-] File Deleted : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
[-] File Deleted : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
[-] File Deleted : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\icqplugin.xml
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\SweetIM Search.xml
[-] File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\searchplugins\SweetIm.xml

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
[-] Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
[-] Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
[-] Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
[-] Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
[-] Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\SweetIM
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1194237-547A-461d-BD44-B97B1574A7DA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F70AE624-2B41-476F-BC9C-0A7F158C3F15}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\7324911AA745D164DB449BB751477AAD
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\426EA07F14B2F674CBC9A0F751C8F351
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\7324911AA745D164DB449BB751477AAD
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\426EA07F14B2F674CBC9A0F751C8F351
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7324911AA745D164DB449BB751477AAD
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\426EA07F14B2F674CBC9A0F751C8F351
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{93999C30-332A-4058-B8BC-79BFCBCD8D96}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [ Web browsers ] *****

[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,quickstores@quickstores.[...]
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.installsource", "1");
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.showPc", false);
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("quickstores.toolbar.affid", "2006");
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("quickstores.toolbar.guid", "{A9AE1AAC-946E-D336-6EE9-011FBF27615A}");
[-] [C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js] [Preference] Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17445 bytes] ##########

hautchr · Příspěvekod **hautchr** » 15 led 2016 22:42

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.1.2016
Čas skenování: 22:23
Protokol: MbAM sken.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.15.07
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Radek

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 351938
Uplynulý čas: 16 min, 19 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.SweetIM, C:\Windows\Installer\759d03.msi, Do karantény, [f6fd8dacaeeb88ae8fd8389056ae8779],
PUP.Optional.SweetIM, C:\Windows\Installer\759d0b.msi, Do karantény, [fff4a0992673270f0166666254b007f9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

hautchr · Příspěvekod **hautchr** » 15 led 2016 22:58

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Ultimate x64
Ran by Radek (Administrator) on p 15.01.2016 at 22:45:20,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 4

Successfully deleted: C:\Users\Radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JW68EEI7 (Folder)
Successfully deleted: C:\Users\Radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7MSVAF6 (Folder)
Successfully deleted: C:\Users\Radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P53YISHG (Folder)
Successfully deleted: C:\Users\Radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UV0A0LPN (Folder)

Deleted the following from C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js
user_pref(extensions.foxcub.config.encodedConfig, {\core\:{\configUrl\:\hxxp://download.seznam.cz/software/conf/\,\configUrlSecure\:\hxxps://download.seznam.cz/sof
user_pref(icqtoolbar.skip_default_search, yes);
user_pref(quickstores.toolbar.guid, {A9AE1AAC-946E-D336-6EE9-011FBF27615A});
user_pref(sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0);
user_pref(sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7);
user_pref(sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log);
user_pref(sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000);
user_pref(sweetim.toolbar.logger.FileHandler.MinReportLevel, 7);
user_pref(sweetim.toolbar.mode.debug, false);
user_pref(sweetim.toolbar.previous.browser.search.defaultenginename, );
user_pref(sweetim.toolbar.previous.browser.search.defaulturl, );
user_pref(sweetim.toolbar.previous.browser.search.selectedEngine, );
user_pref(sweetim.toolbar.previous.browser.startup.homepage, hxxp://seznam.cz/);
user_pref(sweetim.toolbar.previous.keyword.URL, chrome://browser-region/locale/region.properties);
user_pref(sweetim.toolbar.search.history.capacity, 10);
user_pref(sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com);
user_pref(sweetim.toolbar.version, 1.2.0.2);

Registry: 4

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 15.01.2016 at 22:51:58,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hautchr · Příspěvekod **hautchr** » 15 led 2016 23:17

RogueKiller V11.0.7.0 (x64) [Jan 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Radek [Práva správce]
Started from : C:\Users\Radek\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 01/15/2016 23:14:31

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Pandora.TV -> Nalezeno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Nalezeno
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 37 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_CREATE[0] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_CLOSE[2] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_POWER[22] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_PNP[27] : Unknown @ 0xfffffa8003a792c0
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll!NtSetSystemInformation : Unknown @ 0x778901f0 (jmp 0x160f50|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtWriteVirtualMemory : Unknown @ 0x778903b0 (jmp 0x162460|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtDuplicateObject : Unknown @ 0x77890390 (jmp 0x162420|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateEvent : Unknown @ 0x778902d0 (jmp 0x1622a0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeKey : Unknown @ 0x77890490 (jmp 0x161a00|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtTerminateProcess : Unknown @ 0x778903e0 (jmp 0x162570|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenEvent : Unknown @ 0x778902e0 (jmp 0x162330|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtAssignProcessToJobObject : Unknown @ 0x778903a0 (jmp 0x161f70|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtSetContextThread : Unknown @ 0x77890400 (jmp 0x161320|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateSection : Unknown @ 0x77890310 (jmp 0x1622c0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenProcess : Unknown @ 0x77890370 (jmp 0x162560|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeMultipleKeys : Unknown @ 0x778904a0 (jmp 0x161a00|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtQueryObject : Unknown @ 0x77890450 (jmp 0x1627a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateIoCompletion : Unknown @ 0x77890350 (jmp 0x161e30|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSection : Unknown @ 0x77890320 (jmp 0x162400|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateSemaphore : Unknown @ 0x778902b0 (jmp 0x161ca0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSemaphore : Unknown @ 0x778902c0 (jmp 0x161730|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateMutant : Unknown @ 0x77890290 (jmp 0x161d10|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenMutant : Unknown @ 0x778902a0 (jmp 0x161760|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateTimer : Unknown @ 0x77890330 (jmp 0x161cf0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenTimer : Unknown @ 0x77890340 (jmp 0x161770|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateThreadEx : Unknown @ 0x778903d0 (jmp 0x161da0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtTerminateThread : Unknown @ 0x778903f0 (jmp 0x162310|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenThread : Unknown @ 0x77890380 (jmp 0x1617c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtSuspendThread : Unknown @ 0x77890430 (jmp 0x1610a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x77890480 (jmp 0x162080|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtQueueApcThreadEx : Unknown @ 0x77890440 (jmp 0x161580|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ gdi32.dll) ntdll!NtVdmControl : Unknown @ 0x77890280 (jmp 0x160e00|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ntmarta.dll) ntdll!NtOpenEventPair : Unknown @ 0x77890300 (jmp 0x161830|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ws2_32.dll) ntdll!NtLoadDriver : Unknown @ 0x778901e0 (jmp 0x161840|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0|jmp 0xb1)

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[PUP][FIREFX:Addon] 76u3drh3.default : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Nalezeno
[PUM.HomePage][FIREFX:Config] 76u3drh3.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AVVS-63E1B SCSI Disk Device +++++
--- User ---
[MBR] 69ad9dce658bc407d5a6fdcdab9344bb
[BSP] ba2d846b2d89d631b0ca29b8dfdede7c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 49899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 102400000 | Size: 665403 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

+++++ PhysicalDrive1: WDC WD10EARS-00Y5B1 SCSI Disk Device +++++
--- User ---
[MBR] 4221cb801ec148a70b409306507b7941
[BSP] 117effce4389f078d0e5fa0b55735ada : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

+++++ PhysicalDrive2: WD 5000AAV External USB Device +++++
--- User ---
[MBR] 45b2824d73703473e9c1a04faa21ea47
[BSP] 1343860dbef73a961735f1522ff55311 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476938 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Příspěvekod **jaro3** » 16 led 2016 09:45

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

hautchr · Příspěvekod **hautchr** » 17 led 2016 09:05

RogueKiller V11.0.7.0 (x64) [Jan 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Radek [Práva správce]
Started from : C:\Users\Radek\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 01/17/2016 09:04:18

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Pandora.TV -> Smazáno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Smazáno
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 37 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_CREATE[0] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_CLOSE[2] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_POWER[22] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0xfffffa8003a792c0
[IRP:Addr(Hook.IRP)] \Driver\atapi - IRP_MJ_PNP[27] : Unknown @ 0xfffffa8003a792c0
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll!NtSetSystemInformation : Unknown @ 0x777c01f0 (jmp 0x160f50|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtWriteVirtualMemory : Unknown @ 0x777c03b0 (jmp 0x162460|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtDuplicateObject : Unknown @ 0x777c0390 (jmp 0x162420|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateEvent : Unknown @ 0x777c02d0 (jmp 0x1622a0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeKey : Unknown @ 0x777c0490 (jmp 0x161a00|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtTerminateProcess : Unknown @ 0x777c03e0 (jmp 0x162570|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenEvent : Unknown @ 0x777c02e0 (jmp 0x162330|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtAssignProcessToJobObject : Unknown @ 0x777c03a0 (jmp 0x161f70|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtSetContextThread : Unknown @ 0x777c0400 (jmp 0x161320|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateSection : Unknown @ 0x777c0310 (jmp 0x1622c0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenProcess : Unknown @ 0x777c0370 (jmp 0x162560|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtNotifyChangeMultipleKeys : Unknown @ 0x777c04a0 (jmp 0x161a00|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtQueryObject : Unknown @ 0x777c0450 (jmp 0x1627a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateIoCompletion : Unknown @ 0x777c0350 (jmp 0x161e30|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSection : Unknown @ 0x777c0320 (jmp 0x162400|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateSemaphore : Unknown @ 0x777c02b0 (jmp 0x161ca0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSemaphore : Unknown @ 0x777c02c0 (jmp 0x161730|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateMutant : Unknown @ 0x777c0290 (jmp 0x161d10|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenMutant : Unknown @ 0x777c02a0 (jmp 0x161760|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateTimer : Unknown @ 0x777c0330 (jmp 0x161cf0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenTimer : Unknown @ 0x777c0340 (jmp 0x161770|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateThreadEx : Unknown @ 0x777c03d0 (jmp 0x161da0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtTerminateThread : Unknown @ 0x777c03f0 (jmp 0x162310|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenThread : Unknown @ 0x777c0380 (jmp 0x1617c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtSuspendThread : Unknown @ 0x777c0430 (jmp 0x1610a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x777c0480 (jmp 0x162080|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtQueueApcThreadEx : Unknown @ 0x777c0440 (jmp 0x161580|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ gdi32.dll) ntdll!NtVdmControl : Unknown @ 0x777c0280 (jmp 0x160e00|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ntmarta.dll) ntdll!NtOpenEventPair : Unknown @ 0x777c0300 (jmp 0x161830|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0|jmp 0xb1)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ws2_32.dll) ntdll!NtLoadDriver : Unknown @ 0x777c01e0 (jmp 0x161840|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0|jmp 0xb1)

¤¤¤ Webové prohlížeče : 4 ¤¤¤
[PUP][FIREFX:Addon] 76u3drh3.default : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[FIREFX:Addon] 76u3drh3.default : Mozilla Firefox hotfix [firefox-hotfix@mozilla.org] -> Smazáno
[FIREFX:Addon] 76u3drh3.default : Avast Online Security [wrc@avast.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] 76u3drh3.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500AVVS-63E1B SCSI Disk Device +++++
--- User ---
[MBR] 69ad9dce658bc407d5a6fdcdab9344bb
[BSP] ba2d846b2d89d631b0ca29b8dfdede7c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 49899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 102400000 | Size: 665403 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

+++++ PhysicalDrive1: WDC WD10EARS-00Y5B1 SCSI Disk Device +++++
--- User ---
[MBR] 4221cb801ec148a70b409306507b7941
[BSP] 117effce4389f078d0e5fa0b55735ada : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

hautchr · Příspěvekod **hautchr** » 17 led 2016 10:04

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Radek on ne 17.01.2016 at 9:07:07,37.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Radek\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.1.2016 9:08:33 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\DAEMON Tools Pro deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\CanonIJScan deleted successfully
C:\PROGRA~3\KASTNER software deleted successfully
C:\PROGRA~3\Pinnacle Studio Plus deleted successfully
C:\Users\Radek\AppData\Roaming\Canon deleted successfully
C:\Users\Radek\AppData\Roaming\DAEMON Tools Pro deleted successfully
C:\Users\Radek\AppData\Roaming\Kastner software deleted successfully
C:\Users\Radek\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Radek\AppData\Roaming\Samsung deleted successfully
C:\Users\Radek\AppData\Local\Cyberlink deleted successfully
C:\Users\Radek\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Radek\AppData\Local\EmieSiteList deleted successfully
C:\Users\Radek\AppData\Local\EmieUserList deleted successfully
C:\Users\Radek\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home"about:home);
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");

Added to C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("extensions.wrc.SearchRules.yahoo.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?search\\.yahoo\\.com\\/(.)*");
---- Lines ask.com removed from prefs.js ----
user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
---- FireFox user.js and prefs.js backups ----

prefs_17.01.2016_0938_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\DAEMON Tools Pro not found
C:\PROGRA~2\MarkAnyContentSAFER deleted
C:\PROGRA~3\ICQ deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [10.12.2015 19:09]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype extension for Firefox - %AppDir%\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default
70858ED7836E5C849D33576A84DC8CCF - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx[08.09.2014 18:39]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[24.05.2015 19:07]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Radek\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

BeFunky Photo Editor - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab
Fotor Photo Editor - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf
Polarr - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg
PicMonkey - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm
AT_SigersonMorrison - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpgmpfeoahblfncaooigccakcgngjbh
90`s Games - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom
Bird Brawl - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk
Google Drive App Launcher - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
OneDrive - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk

==== Chromium Fix ======================

C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=

==== Reset Google Chrome ======================

C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Radek\AppData\Local\Mozilla\Firefox\Profiles\76u3drh3.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=16 folders=7 291327 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Radek\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Radek\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 17.01.2016 at 9:48:44,72 ======================

kontrola logu

kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Re: kontrola logu

Kdo je online