Logfile of random's system information tool 1.09 (written by random/random)
Run by Robin at 2014-03-13 20:43:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (6%) free of 288 GB
Total RAM: 1976 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:20, on 13.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Robin\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Robin\Searches\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Robin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33149 ... 3825&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sticky Password - res://C:\Program Files (x86)\Sticky Password\spIEBho.dll/616
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll xC:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MobilePre Audio Device Monitor (MobilePreIIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Search Module Update (SMUpd) - Search Module Ltd. - C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
--
End of file - 15278 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\FreeFileViewerUpdateChecker.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForRobin.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT33149 ... 3825&SSPV="
prefs.js - "keyword.URL" - "http://www-search.net/search.aspx?s=%%s ... 1382217273, 167f84a7-df4b-4e0d-a7d6-a631f0a41fbe, &q="
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw_1167637.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIBitCometAgent.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npBitCometAgent.dll
npdeployJava1.dll
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\
143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
502289a970c8c@502289a970cc5.info
9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\searchplugins\
conduit-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-01-12 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-01-12 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-18 3093624]
"GoobzoYouTubeAccelerator"=C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2014-01-02 2218856]
"uTorrent"=C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [2014-02-08 905296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll xC:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.ZMBV"=zmbv.dll
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 3 months======
2014-03-13 20:43:22 ----D---- C:\rsit
2014-03-05 03:04:05 ----D---- C:\Program Files (x86)\Common Files\Skype
2014-02-27 03:12:31 ----D---- C:\windows\Migration
2014-02-25 10:34:00 ----D---- C:\windows\rescache
2014-02-15 15:55:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:24:24 ----D---- C:\Program Files (x86)\Hasbro Interactive
2014-02-15 10:55:07 ----D---- C:\Users\Robin\AppData\Roaming\Atari
2014-02-13 10:40:33 ----D---- C:\windows\SysWOW64\SearchProtect
2014-02-13 10:13:46 ----A---- C:\windows\SysWOW64\vbscript.dll
2014-02-13 10:11:11 ----A---- C:\windows\SysWOW64\msrating.dll
2014-02-13 10:11:10 ----A---- C:\windows\SysWOW64\ieui.dll
2014-02-13 10:11:06 ----A---- C:\windows\SysWOW64\iesetup.dll
2014-02-13 10:11:05 ----A---- C:\windows\SysWOW64\iernonce.dll
2014-02-13 10:11:04 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-13 10:11:04 ----A---- C:\windows\SysWOW64\iesysprep.dll
2014-02-13 10:11:00 ----A---- C:\windows\SysWOW64\iertutil.dll
2014-02-13 10:10:52 ----A---- C:\windows\SysWOW64\msfeeds.dll
2014-02-13 10:10:50 ----A---- C:\windows\SysWOW64\jscript.dll
2014-02-13 10:10:46 ----A---- C:\windows\SysWOW64\jscript9.dll
2014-02-13 10:10:44 ----A---- C:\windows\SysWOW64\urlmon.dll
2014-02-13 10:10:37 ----A---- C:\windows\SysWOW64\jsproxy.dll
2014-02-13 10:10:36 ----A---- C:\windows\SysWOW64\wininet.dll
2014-02-13 10:10:32 ----A---- C:\windows\SysWOW64\ieframe.dll
2014-02-13 10:10:17 ----A---- C:\windows\SysWOW64\mshtml.dll
2014-02-12 10:32:05 ----A---- C:\windows\SysWOW64\msxml3.dll
2014-02-12 10:32:04 ----A---- C:\windows\SysWOW64\msxml3r.dll
2014-02-12 10:31:02 ----A---- C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-12 10:31:02 ----A---- C:\windows\SysWOW64\RMActivate.exe
2014-02-12 10:31:01 ----A---- C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 10:30:59 ----A---- C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 10:30:58 ----A---- C:\windows\SysWOW64\secproc_isv.dll
2014-02-12 10:30:56 ----A---- C:\windows\SysWOW64\secproc.dll
2014-02-12 10:30:55 ----A---- C:\windows\SysWOW64\msdrm.dll
2014-02-12 10:30:54 ----A---- C:\windows\SysWOW64\secproc_ssp.dll
2014-02-12 10:30:53 ----A---- C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 10:28:31 ----A---- C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 10:28:29 ----A---- C:\windows\SysWOW64\d2d1.dll
2014-02-08 18:10:19 ----D---- C:\Program Files (x86)\Strategy First
2014-02-08 13:18:16 ----D---- C:\Program Files (x86)\GrabRez
2014-02-08 11:40:25 ----D---- C:\Program Files (x86)\SearchProtect
2014-01-26 22:05:10 ----D---- C:\Users\Robin\AppData\Roaming\MP3 Cut
2014-01-26 22:04:28 ----D---- C:\Program Files (x86)\MP3 Cut
2014-01-12 12:55:32 ----A---- C:\AdwCleaner[S5].txt
2014-01-12 12:50:35 ----A---- C:\AdwCleaner[R5].txt
2014-01-09 20:39:52 ----A---- C:\AdwCleaner[S4].txt
2014-01-09 20:38:51 ----A---- C:\AdwCleaner[R4].txt
2014-01-08 20:09:12 ----D---- C:\Program Files (x86)\Sense
2014-01-08 19:55:31 ----D---- C:\Users\Robin\AppData\Roaming\FreeFileViewer
2014-01-08 15:59:29 ----D---- C:\Program Files (x86)\File Type Assistant
2014-01-08 15:55:54 ----D---- C:\Program Files (x86)\FreeFileViewer
2014-01-08 15:55:51 ----D---- C:\Program Files (x86)\MyPC Backup
2014-01-08 15:55:41 ----D---- C:\Users\Robin\AppData\Roaming\FoxTab
2014-01-08 15:54:28 ----D---- C:\Program Files (x86)\Foxtab
2014-01-04 14:55:36 ----A---- C:\windows\SysWOW64\rp.dll
2014-01-02 19:23:58 ----D---- C:\Users\Robin\AppData\Roaming\fltk.org
2014-01-02 19:22:05 ----D---- C:\Program Files (x86)\Tekken 3
2014-01-02 19:10:21 ----D---- C:\ProgramData\SearchModule
2014-01-02 19:10:16 ----D---- C:\Program Files (x86)\YouTube Accelerator
2014-01-02 19:08:49 ----D---- C:\Program Files (x86)\Object Browser
2014-01-02 19:06:19 ----D---- C:\Users\Robin\AppData\Roaming\uTorrent
2013-12-17 11:08:59 ----D---- C:\windows\ERUNT
2013-12-16 16:48:25 ----SHD---- C:\$RECYCLE.BIN
2013-12-16 13:04:34 ----D---- C:\Users\Robin\AppData\Roaming\Malwarebytes
2013-12-16 13:03:28 ----D---- C:\ProgramData\Malwarebytes
2013-12-16 13:03:16 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 10:28:08 ----A---- C:\AdwCleaner[S3].txt
2013-12-16 10:23:34 ----A---- C:\AdwCleaner[R3].txt
======List of files/folders modified in the last 3 months======
2014-03-13 20:45:04 ----D---- C:\windows\Prefetch
2014-03-13 20:44:59 ----D---- C:\Program Files (x86)\trend micro
2014-03-13 20:44:46 ----D---- C:\windows\temp
2014-03-13 16:02:28 ----SHD---- C:\System Volume Information
2014-03-13 12:51:24 ----D---- C:\windows\winsxs
2014-03-13 12:37:14 ----AD---- C:\ProgramData\TEMP
2014-03-13 09:49:50 ----D---- C:\windows\Tasks
2014-03-13 09:49:50 ----D---- C:\Windows
2014-03-13 09:49:48 ----D---- C:\windows\System32
2014-03-13 09:49:47 ----D---- C:\ProgramData\PMB Files
2014-03-13 09:49:47 ----D---- C:\ProgramData\FLEXnet
2014-03-13 09:49:42 ----D---- C:\windows\registration
2014-03-10 22:57:44 ----D---- C:\Users\Robin\AppData\Roaming\Skype
2014-03-07 00:03:24 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-03-05 03:04:18 ----SHD---- C:\windows\Installer
2014-03-05 03:04:18 ----D---- C:\ProgramData\Skype
2014-03-05 03:04:06 ----RD---- C:\Program Files (x86)\Skype
2014-03-05 03:04:05 ----D---- C:\Program Files (x86)\Common Files
2014-02-28 03:52:01 ----D---- C:\windows\Microsoft.NET
2014-02-28 03:12:49 ----D---- C:\windows\SysWOW64
2014-02-28 03:12:49 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-28 03:12:28 ----D---- C:\windows\inf
2014-02-27 03:26:29 ----RSD---- C:\windows\assembly
2014-02-27 03:14:21 ----D---- C:\windows\SysWOW64\en-US
2014-02-27 03:12:31 ----SD---- C:\ProgramData\Microsoft
2014-02-21 23:07:00 ----D---- C:\Users\Robin\AppData\Roaming\ICQ
2014-02-17 09:08:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 13:20:38 ----RD---- C:\Program Files (x86)
2014-02-15 16:47:45 ----D---- C:\Program Files (x86)\Google
2014-02-13 10:27:35 ----D---- C:\windows\SysWOW64\cs-CZ
2014-02-13 10:27:34 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-31 14:33:36 ----D---- C:\FFOutput
2014-01-15 23:36:03 ----D---- C:\ProgramData\Microsoft Help
2014-01-14 11:16:03 ----D---- C:\Program Files (x86)\SoftwareUpdater
2014-01-12 19:34:41 ----D---- C:\Users\Robin\AppData\Roaming\Audacity
2014-01-12 18:03:44 ----D---- C:\Users\Robin\AppData\Roaming\Any Video Converter
2014-01-12 12:14:48 ----D---- C:\windows\Minidump
2014-01-12 12:14:42 ----SD---- C:\Users\Robin\AppData\Roaming\Microsoft
2014-01-03 08:34:34 ----D---- C:\Users\Robin\AppData\Roaming\BSplayer
2014-01-02 19:10:21 ----D---- C:\ProgramData
2013-12-18 02:53:38 ----D---- C:\Program Files (x86)\Portrait Professional Studio 10
2013-12-16 16:48:29 ----A---- C:\windows\system.ini
2013-12-16 16:40:53 ----D---- C:\windows\erdnt
2013-12-16 16:32:56 ----D---- C:\windows\SysWOW64\drivers
2013-12-16 16:32:56 ----D---- C:\windows\AppPatch
2013-12-16 11:24:15 ----D---- C:\Program Files (x86)\GameSpy Arcade
2013-12-16 10:20:43 ----RD---- C:\Program Files
2013-12-15 17:53:03 ----D---- C:\Users\Robin\AppData\Roaming\GameRanger
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys []
R1 TsLwWfF;WiFi Capture Driver; C:\windows\system32\DRIVERS\TsLwWfF.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys []
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys []
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\windows\system32\DRIVERS\MarvinBus64.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys []
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 SMUpdd;Search Module UpdateD; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [2014-02-21 41320]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys []
S2 rismxdp;Ricoh xD-Picture Card Driver; C:\windows\system32\DRIVERS\rixdpx64.sys []
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys []
S3 MAUSBMOBILEPREII;Service for M-Audio MobilePre II; C:\windows\system32\DRIVERS\MAudioMobilePreII.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys []
S3 NETw5v64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 64 Bit; C:\windows\system32\DRIVERS\NETw5v64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys []
S3 winbondcir;Winbond IR Transceiver; C:\windows\system32\DRIVERS\winbondcir.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-03-03 2454816]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MobilePreIIAudioDevMon;MobilePre Audio Device Monitor; C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe [2010-06-21 1923592]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2012-07-04 75064]
R2 SMUpd;Search Module Update; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2014-02-21 2577768]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-04 711112]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-19 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-09-19 38440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-24 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-19 647680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 257416]
S4 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-11-18 3780064]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý notebook, prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalý notebook, prosím o kontrolu logu
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý notebook, prosím o kontrolu logu
JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Robin on źt 13.03.2014 at 21:47:56,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\Users\Robin\appdata\local\filetypeassistant"
Successfully deleted: [Folder] "C:\Users\Robin\appdata\local\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Users\Robin\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
~~~ FireFox
Successfully deleted: [File] C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\user.js
Successfully deleted: [File] C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\bprotector_prefs.js
Successfully deleted the following from C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\prefs.js
user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP72B40906-B8BC-491E-9BD7-4D33377638
user_pref("browser.search.order.1", "Delta Search");
user_pref("browser.search.selectedEngine", "Conduit Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP72B40906-B8BC-491E-9BD7-4D3337763825&SSP
user_pref("extensions.crossrider.bic", "14396db834e22ac18f69f11d2ebfa694");
Emptied folder: C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 13.03.2014 at 22:07:56,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ADW log:
# AdwCleaner v2.006 - Logfile created 03/13/2014 at 22:15:40
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Robin - ROBIN-HP
# Boot Mode : Normal
# Running from : C:\Users\Robin\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
***** [Internet Browsers] *****
-\\ Internet Explorer v9.10.9200.16798
[OK] Registry is clean.
-\\ Mozilla Firefox v27.0.1 (cs)
Profile name : default
File : C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S2].txt - [3078 octets] - [15/08/2013 23:43:32]
AdwCleaner[R3].txt - [2409 octets] - [16/12/2013 10:23:34]
AdwCleaner[S3].txt - [2352 octets] - [16/12/2013 10:28:08]
AdwCleaner[R4].txt - [2491 octets] - [09/01/2014 20:38:51]
AdwCleaner[S4].txt - [2376 octets] - [09/01/2014 20:39:52]
AdwCleaner[R5].txt - [1482 octets] - [12/01/2014 12:50:35]
AdwCleaner[S5].txt - [1493 octets] - [12/01/2014 12:55:32]
AdwCleaner[R6].txt - [1511 octets] - [13/03/2014 22:12:13]
AdwCleaner[R7].txt - [1571 octets] - [13/03/2014 22:15:17]
AdwCleaner[S6].txt - [1509 octets] - [13/03/2014 22:15:40]
########## EOF - C:\AdwCleaner[S6].txt - [1569 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Robin on źt 13.03.2014 at 21:47:56,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355285550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455825592}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466826692}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344284450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444824492}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\Users\Robin\appdata\local\filetypeassistant"
Successfully deleted: [Folder] "C:\Users\Robin\appdata\local\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Users\Robin\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
~~~ FireFox
Successfully deleted: [File] C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\user.js
Successfully deleted: [File] C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\bprotector_prefs.js
Successfully deleted the following from C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\prefs.js
user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP72B40906-B8BC-491E-9BD7-4D33377638
user_pref("browser.search.order.1", "Delta Search");
user_pref("browser.search.selectedEngine", "Conduit Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP72B40906-B8BC-491E-9BD7-4D3337763825&SSP
user_pref("extensions.crossrider.bic", "14396db834e22ac18f69f11d2ebfa694");
Emptied folder: C:\Users\Robin\AppData\Roaming\mozilla\firefox\profiles\l1gd7yx1.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 13.03.2014 at 22:07:56,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ADW log:
# AdwCleaner v2.006 - Logfile created 03/13/2014 at 22:15:40
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Robin - ROBIN-HP
# Boot Mode : Normal
# Running from : C:\Users\Robin\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
***** [Internet Browsers] *****
-\\ Internet Explorer v9.10.9200.16798
[OK] Registry is clean.
-\\ Mozilla Firefox v27.0.1 (cs)
Profile name : default
File : C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S2].txt - [3078 octets] - [15/08/2013 23:43:32]
AdwCleaner[R3].txt - [2409 octets] - [16/12/2013 10:23:34]
AdwCleaner[S3].txt - [2352 octets] - [16/12/2013 10:28:08]
AdwCleaner[R4].txt - [2491 octets] - [09/01/2014 20:38:51]
AdwCleaner[S4].txt - [2376 octets] - [09/01/2014 20:39:52]
AdwCleaner[R5].txt - [1482 octets] - [12/01/2014 12:50:35]
AdwCleaner[S5].txt - [1493 octets] - [12/01/2014 12:55:32]
AdwCleaner[R6].txt - [1511 octets] - [13/03/2014 22:12:13]
AdwCleaner[R7].txt - [1571 octets] - [13/03/2014 22:15:17]
AdwCleaner[S6].txt - [1509 octets] - [13/03/2014 22:15:40]
########## EOF - C:\AdwCleaner[S6].txt - [1569 octets] ##########
Re: Pomalý notebook, prosím o kontrolu logu
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý notebook, prosím o kontrolu logu
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Robin on p 14.03.2014 at 14:44:08,12.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Robin\Desktop\zoek.scr [Scan all users] [Script inserted]
==== System Restore Info ======================
14.3.2014 14:49:07 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} deleted successfully
HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} deleted successfully
HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411821192} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\UrlSearchHooks\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YouTubeAcceleratorService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YouTubeAcceleratorService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BitGuard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BitGuard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater13.2.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater13.2.0 deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js:
user_pref("browser.search.defaultenginename", "Search Module");
user_pref("keyword.URL", "http://www-search.net/search.aspx?s=%sb ... a41fbe,&q=");
Added to C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
user.js not found
---- Lines Search modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- Lines a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 removed from prefs.js ----
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.active", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbar", "NA");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbarenhanced", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.backgroundver", 1);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.certdomaininstaller", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_aoi.value", "%221390046450%22");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_parent_zoneid.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_parent_zoneid.value", "%22469587%22"
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.value", "%221389208137%2
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.description", ".");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.domain", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.enablesearch", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.homepage", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.changeprevious", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.iframe", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationThankYouPage", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationTime", 1389208137);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.value", "22");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.value", "0");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.expiration", "Mon
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastDailyReport", "1392587892831");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastUpdate", "1392914515121");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.manifesturl", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.name", "Sense");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.newtab", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.opensearch", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsversion", 18);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.publisher", "Object Browser");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.searchstatus", 0);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.setnewtab", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.thankyou", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.updateinterval", 360);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.ver", 22);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.apps", "48292");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.bic", "14396db834e22ac18f69f11d2ebfa694");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.cid", 48292);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.FilesValidatorDueTime", "1392914571465");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.firstrun", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.hadappinstalled", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.installationdate", 1389805405);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.modetype", "production");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.reportInstall", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.statsDailyCounter", 32);
---- Lines a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 removed from prefs.js ----
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.active", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbar", "NA");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbarenhanced", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.backgroundver", 1);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.certdomaininstaller", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.value", "1390046410");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.value", "%22e8b30065-0547-0fe5-0
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.expiration", "Sat Mar 01 2014 15:48:01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.value", "%22%5C%22CZ%5C%22%22");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.description", "Browser enhancer");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.domain", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.enablesearch", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.homepage", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.changeprevious", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.iframe", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationTime", 1390046410);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.value", "152");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastDailyReport", "1392914535510");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastUpdate", "1392914510616");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.manifesturl", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.newtab", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.opensearch", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsversion", 117);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.publisher", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.searchstatus", 0);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.setnewtab", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.thankyou", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.updateinterval", 360);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.ver", 152);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.apps", "32850");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.bic", "14396db834e22ac18f69f11d2ebfa694");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.cid", 32850);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.FilesValidatorDueTime", "1392914568160");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.firstrun", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.hadappinstalled", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.installationdate", 1390046409);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.modetype", "production");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.reportInstall", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.statsDailyCounter", 32);
---- Lines extensions.502289a970d36 removed from prefs.js ----
user_pref("extensions.502289a970d36.epoch", "1371629052");
user_pref("extensions.502289a970d36.url", "http://jpi-syncer.info/sync/?ext=stuner ... =50a560088
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.485");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6PQFWF0ZhO_active_MB131_MB132_UA-25323614-7_2012-08-08-17-56-12");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.485");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6PQFWF0ZhO_active_MB131_MB132_UA-25323614-7_2012-08-08-17-56-12
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "a55599a30f0c4d7b80f2fa790a5670ec");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1350071379712");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-7");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641345667166973");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1349984979552|||8641349984979553");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB131");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB132");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showtoaster", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toasterID", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6PQFWF0ZhO");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.485", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.485", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.485", false);
---- FireFox user.js and prefs.js backups ----
prefs_14.03.2014_1516_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-
==== Batch Command(s) Run By Tool======================
Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.
==== Deleting Files \ Folders ======================
C:\windows\syswow64\appdata deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Uniblue\DriverScanner deleted
C:\PROGRA~2\FreeFileViewer deleted
C:\PROGRA~2\SoftwareUpdater deleted
C:\PROGRA~2\Object Browser deleted
C:\PROGRA~2\Foxtab deleted
C:\PROGRA~2\GrabRez deleted
C:\PROGRA~2\File Type Assistant deleted
C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\found.000 deleted
C:\Users\Robin\AppData\Roaming\Uniblue deleted
C:\Users\Robin\AppData\Roaming\FoxTab deleted
C:\Users\Robin\AppData\Roaming\ICQ Search deleted
C:\PROGRA~3\AlawarWrapper deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\SearchModule deleted
C:\Users\Robin\AppData\Local\foxtab_speeddial.crx deleted
C:\Users\Robin\AppData\Local\FileTypeAssistant deleted
C:\Users\Robin\AppData\Local\avgchrome deleted
C:\Users\Robin\AppData\Local\cache deleted
C:\windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator deleted
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted
C:\windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\dmwu.exe deleted
C:\Users\Robin\AppData\LocalLow\AVG Security Toolbar deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\tasks\FreeFileViewerUpdateChecker.job deleted
C:\windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\windows\Syswow64\SearchProtect deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\searchplugins\conduit-search.xml deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\ICQToolbarData deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} deleted
"C:\Users\Robin\AppData\Local\{0B21E89F-1871-4E73-B5A9-D1AE82281AE7}" deleted
"C:\PROGRA~2\YouTube Accelerator\engine.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\helper.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\ipc.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\xmldb.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\YouTubeAccelerator.exe" deleted
"C:\PROGRA~2\YouTube Accelerator\ytalsp.dll" deleted
"C:\PROGRA~2\YouTube Accelerator" not deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.11.2012 14:30]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
- ADDICT-THING - %ProfilePath%\extensions\502289a970c8c@502289a970cc5.info
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Robin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
1BFD18699636B8F1AA26675BA43D2F8F - C:\windows\SysWoW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
DAD55CEF682EAE6FA7B4C9487563A496 - C:\windows\SysWoW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director
3D3AF7420B5B01F591163BB3CEA89877 - C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Deleted Firefox Extensions ======================
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\502289a970c8c@502289a970cc5.info deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchmpbaclbiioedakpcldenooikekokm - C:\Users\Robin\AppData\Local\foxtab_speeddial.crx[]
fbmpeadffgjjjdpgbpocggpccjfacoim - C:\ProgramData\ADDICT-THING\fbmpeadffgjjjdpgbpocggpccjfacoim.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.10.2012 23:48]
jifflliplgeajjdhmkcfnngfpgbjonjg - C:\Program Files (x86)\Perion\NewTab\newTab.crx[]
mflohlhbbdnhenmmpfdpaepdpmmfhgia - C:\Program Files\Common Files\Goobzo\GBUpdate\SearchModule.crx[]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\13.2.0.4\avg.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dchmpbaclbiioedakpcldenooikekokm - C:\Users\Robin\AppData\Local\foxtab_speeddial.crx[]
avast WebRep - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
==== Chrome Fix ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameranger.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameranger.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_viber.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_viber.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whatsapp.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whatsapp.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dchmpbaclbiioedakpcldenooikekokm_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dchmpbaclbiioedakpcldenooikekokm_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dchmpbaclbiioedakpcldenooikekokm deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
==== Reset Google Chrome ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Robin\Desktop\Adobe Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\Robin\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Robin\Desktop\AviTricks Classic.lnk - C:\Program Files (x86)\Bobyte\AviTricks Classic\AviTricks.exe
C:\Users\Robin\Desktop\AVS Video Editor.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
C:\Users\Robin\Desktop\AVS4YOU Software Navigator.lnk - C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe
C:\Users\Robin\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\Robin\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Robin\Desktop\GamePark klient 2.lnk - C:\Program Files (x86)\GamePark2\gpcl.exe
C:\Users\Robin\Desktop\GamePark.lnk - C:\Program Files (x86)\GamePark\GamePark.url
C:\Users\Robin\Desktop\GameSpy Arcade.lnk - C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
C:\Users\Robin\Desktop\Governor of Poker 2 – zástupce.lnk -
C:\Users\Robin\Desktop\Legion Gold.lnk - C:\Program Files (x86)\Strategy First\Legion Gold\Legion.exe
C:\Users\Robin\Desktop\MV2Player.lnk - C:\Program Files (x86)\Mv2Player\Mv2PlayerPlus.exe
C:\Users\Robin\Desktop\ParadisePoker.lnk - C:\Program Files (x86)\ParadisePoker\poker.exe
C:\Users\Robin\Desktop\Photomatix Pro 4.0.2 (64-bit).lnk - C:\Program Files\PhotomatixPro4\PhotomatixPro.exe
C:\Users\Robin\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Robin\Desktop\Portrait Professional Studio 10.lnk - C:\Program Files (x86)\Portrait Professional Studio 10\PortraitProfessionalStudio.exe
C:\Users\Robin\Desktop\µTorrent.lnk -
C:\Users\Robin\Desktop\Ofiis2007\Shortcut (2) to setup.lnk - E:\MOJE\J@J@\setup.exe
C:\Users\Robin\Desktop\Ofiis2007\Shortcut to setup.lnk - E:\MOJE\J@J@\setup.exe
C:\Users\Robin\Desktop\Robin skola\Downloads.lnk - C:\Users\Robin\Searches\Downloads
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Public\Desktop\CommView for WiFi.lnk - C:\Users\Robin\Searches\Downloads\CommView-For-WiFi\CommView For WiFi\CV.EXE
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\DriverScanner.lnk - C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe
C:\Users\Public\Desktop\Free MP3 Cutter and Editor.lnk - C:\Program Files (x86)\MuseTips\Free MP3 Cutter and Editor\MP3Cutter.exe
C:\Users\Public\Desktop\Full Tilt Poker.lnk - C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Users\Public\Desktop\iCoolsoft FLV Converter.lnk - C:\Program Files (x86)\iCoolsoft Studio\iCoolsoft FLV Converter\iCoolsoft FLV Converter.exe
C:\Users\Public\Desktop\ICQ7M.lnk - C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Just sing.lnk - C:\Program Files (x86)\Just sing\Just sing.exe
C:\Users\Public\Desktop\Leawo Video Converter.lnk - C:\Program Files (x86)\Leawo\Video Converter\VideoConverter.exe
C:\Users\Public\Desktop\Lightroom 3.3 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 3.3\lightroom.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Users\Public\Desktop\MOV to WMV.lnk - C:\Program Files (x86)\MOV to WMV\movtowmv.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\Users\Public\Desktop\MP3 Cut.lnk - C:\Program Files (x86)\MP3 Cut\MP3 Cut.exe
C:\Users\Public\Desktop\NHL06.lnk - C:\Program Files (x86)\EA SPORTS\NHL06\nhl06.exe
C:\Users\Public\Desktop\Play PKR.lnk - C:\Program Files (x86)\PKR\pkr.exe
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Tekken 3.lnk - C:\Program Files (x86)\Tekken 3\Tekken.bat
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE
C:\Users\Public\Desktop\YTD Video Downloader.lnk - C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Legion Gold™.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive Web Site.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\ReadMe.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon Web Site.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon Web Site.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\rct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Uninstall RollerCoaster Tycoon.lnk - C:\Windows\UniFish3.exe C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media FLV to WMV Converter 6.lnk - C:\Program Files (x86)\4Media\FLV to WMV Converter 6\vcloader.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free MP3 Cutter and Editor.lnk - C:\Program Files (x86)\MuseTips\Free MP3 Cutter and Editor\MP3Cutter.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk - C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iCoolsoft FLV Converter.lnk - C:\Program Files (x86)\iCoolsoft Studio\iCoolsoft FLV Converter\iCoolsoft FLV Converter.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ7M.lnk - C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jetbull Poker.lnk - C:\Program Files (x86)\Jetbull Poker\JetbullPoker.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MV2Player.lnk - C:\Program Files (x86)\Mv2Player\Mv2PlayerPlus.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\rajče průvodce.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Video Download Capture.lnk - C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\79d64f69b2d4969d\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\GamePark klient 2.lnk - C:\Program Files (x86)\GamePark2\gpcl.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
==== shortcuts After Repair ======================
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E931A51-A183-4E66-8562-D82896E74C67} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6F48E7E-1332-9393-A580-E3386A68C8FC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fbmpeadffgjjjdpgbpocggpccjfacoim deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mflohlhbbdnhenmmpfdpaepdpmmfhgia deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Robin\AppData\Local\Mozilla\Firefox\Profiles\l1gd7yx1.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=980 folders=248 133887524 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Robin\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Robin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\YouTube Accelerator" not found
==== EOF on p 14.03.2014 at 15:33:51,05 ======================
Tool run by Robin on p 14.03.2014 at 14:44:08,12.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Robin\Desktop\zoek.scr [Scan all users] [Script inserted]
==== System Restore Info ======================
14.3.2014 14:49:07 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} deleted successfully
HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} deleted successfully
HKEY_USERS\S-1-5-21-170101940-3079598023-1448400411-1002\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411821192} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\UrlSearchHooks\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YouTubeAcceleratorService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YouTubeAcceleratorService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BitGuard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BitGuard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater13.2.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater13.2.0 deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js:
user_pref("browser.search.defaultenginename", "Search Module");
user_pref("keyword.URL", "http://www-search.net/search.aspx?s=%sb ... a41fbe,&q=");
Added to C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
user.js not found
---- Lines Search modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- Lines a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 removed from prefs.js ----
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.active", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbar", "NA");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbarenhanced", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.backgroundver", 1);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.certdomaininstaller", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_aoi.value", "%221390046450%22");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_parent_zoneid.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie._GPL_parent_zoneid.value", "%22469587%22"
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.value", "%221389208137%2
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.description", ".");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.domain", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.enablesearch", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.homepage", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.changeprevious", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.iframe", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationThankYouPage", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationTime", 1389208137);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.value", "22");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.value", "0");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.expiration", "Mon
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastDailyReport", "1392587892831");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastUpdate", "1392914515121");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.manifesturl", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.name", "Sense");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.newtab", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.opensearch", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsversion", 18);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.publisher", "Object Browser");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.searchstatus", 0);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.setnewtab", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.thankyou", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.updateinterval", 360);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.ver", 22);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.apps", "48292");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.bic", "14396db834e22ac18f69f11d2ebfa694");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.cid", 48292);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.FilesValidatorDueTime", "1392914571465");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.firstrun", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.hadappinstalled", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.installationdate", 1389805405);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.modetype", "production");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.reportInstall", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.statsDailyCounter", 32);
---- Lines a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 removed from prefs.js ----
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.active", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbar", "NA");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbarenhanced", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb.was_copied", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.backgroundver", 1);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.certdomaininstaller", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.value", "1390046410");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.value", "%22e8b30065-0547-0fe5-0
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.expiration", "Sat Mar 01 2014 15:48:01
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.value", "%22%5C%22CZ%5C%22%22");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.description", "Browser enhancer");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.domain", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.enablesearch", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.homepage", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.changeprevious", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.iframe", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationTime", 1390046410);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.value", "152");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastDailyReport", "1392914535510");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastUpdate", "1392914510616");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.manifesturl", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.newtab", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.opensearch", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsversion", 117);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.publisher", "Object Browser");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.searchstatus", 0);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.setnewtab", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.thankyou", "");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.updateinterval", 360);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.ver", 152);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.apps", "32850");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.bic", "14396db834e22ac18f69f11d2ebfa694");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.cid", 32850);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.FilesValidatorDueTime", "1392914568160");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.firstrun", false);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.hadappinstalled", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.installationdate", 1390046409);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.modetype", "production");
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.reportInstall", true);
user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.statsDailyCounter", 32);
---- Lines extensions.502289a970d36 removed from prefs.js ----
user_pref("extensions.502289a970d36.epoch", "1371629052");
user_pref("extensions.502289a970d36.url", "http://jpi-syncer.info/sync/?ext=stuner ... =50a560088
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.485");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6PQFWF0ZhO_active_MB131_MB132_UA-25323614-7_2012-08-08-17-56-12");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.485");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6PQFWF0ZhO_active_MB131_MB132_UA-25323614-7_2012-08-08-17-56-12
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "a55599a30f0c4d7b80f2fa790a5670ec");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1350071379712");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-7");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641345667166973");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1349984979552|||8641349984979553");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB131");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB132");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showtoaster", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toasterID", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6PQFWF0ZhO");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.485", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.485", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.464", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.485", false);
---- FireFox user.js and prefs.js backups ----
prefs_14.03.2014_1516_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-
==== Batch Command(s) Run By Tool======================
Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.
==== Deleting Files \ Folders ======================
C:\windows\syswow64\appdata deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Uniblue\DriverScanner deleted
C:\PROGRA~2\FreeFileViewer deleted
C:\PROGRA~2\SoftwareUpdater deleted
C:\PROGRA~2\Object Browser deleted
C:\PROGRA~2\Foxtab deleted
C:\PROGRA~2\GrabRez deleted
C:\PROGRA~2\File Type Assistant deleted
C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\found.000 deleted
C:\Users\Robin\AppData\Roaming\Uniblue deleted
C:\Users\Robin\AppData\Roaming\FoxTab deleted
C:\Users\Robin\AppData\Roaming\ICQ Search deleted
C:\PROGRA~3\AlawarWrapper deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\SearchModule deleted
C:\Users\Robin\AppData\Local\foxtab_speeddial.crx deleted
C:\Users\Robin\AppData\Local\FileTypeAssistant deleted
C:\Users\Robin\AppData\Local\avgchrome deleted
C:\Users\Robin\AppData\Local\cache deleted
C:\windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator deleted
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted
C:\windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\dmwu.exe deleted
C:\Users\Robin\AppData\LocalLow\AVG Security Toolbar deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\tasks\FreeFileViewerUpdateChecker.job deleted
C:\windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\windows\Syswow64\SearchProtect deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\searchplugins\conduit-search.xml deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\ICQToolbarData deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com deleted
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} deleted
"C:\Users\Robin\AppData\Local\{0B21E89F-1871-4E73-B5A9-D1AE82281AE7}" deleted
"C:\PROGRA~2\YouTube Accelerator\engine.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\helper.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\ipc.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\xmldb.dll" deleted
"C:\PROGRA~2\YouTube Accelerator\YouTubeAccelerator.exe" deleted
"C:\PROGRA~2\YouTube Accelerator\ytalsp.dll" deleted
"C:\PROGRA~2\YouTube Accelerator" not deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.11.2012 14:30]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
- ADDICT-THING - %ProfilePath%\extensions\502289a970c8c@502289a970cc5.info
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Robin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
1BFD18699636B8F1AA26675BA43D2F8F - C:\windows\SysWoW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director
DAD55CEF682EAE6FA7B4C9487563A496 - C:\windows\SysWoW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director
3D3AF7420B5B01F591163BB3CEA89877 - C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Deleted Firefox Extensions ======================
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\extensions\502289a970c8c@502289a970cc5.info deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchmpbaclbiioedakpcldenooikekokm - C:\Users\Robin\AppData\Local\foxtab_speeddial.crx[]
fbmpeadffgjjjdpgbpocggpccjfacoim - C:\ProgramData\ADDICT-THING\fbmpeadffgjjjdpgbpocggpccjfacoim.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.10.2012 23:48]
jifflliplgeajjdhmkcfnngfpgbjonjg - C:\Program Files (x86)\Perion\NewTab\newTab.crx[]
mflohlhbbdnhenmmpfdpaepdpmmfhgia - C:\Program Files\Common Files\Goobzo\GBUpdate\SearchModule.crx[]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\13.2.0.4\avg.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dchmpbaclbiioedakpcldenooikekokm - C:\Users\Robin\AppData\Local\foxtab_speeddial.crx[]
avast WebRep - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
==== Chrome Fix ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameranger.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameranger.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_viber.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_viber.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whatsapp.en.softonic.com_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whatsapp.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dchmpbaclbiioedakpcldenooikekokm_0.localstorage deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dchmpbaclbiioedakpcldenooikekokm_0.localstorage-journal deleted successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dchmpbaclbiioedakpcldenooikekokm deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
==== Reset Google Chrome ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Robin\Desktop\Adobe Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\Robin\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Robin\Desktop\AviTricks Classic.lnk - C:\Program Files (x86)\Bobyte\AviTricks Classic\AviTricks.exe
C:\Users\Robin\Desktop\AVS Video Editor.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
C:\Users\Robin\Desktop\AVS4YOU Software Navigator.lnk - C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe
C:\Users\Robin\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\Robin\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Robin\Desktop\GamePark klient 2.lnk - C:\Program Files (x86)\GamePark2\gpcl.exe
C:\Users\Robin\Desktop\GamePark.lnk - C:\Program Files (x86)\GamePark\GamePark.url
C:\Users\Robin\Desktop\GameSpy Arcade.lnk - C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
C:\Users\Robin\Desktop\Governor of Poker 2 – zástupce.lnk -
C:\Users\Robin\Desktop\Legion Gold.lnk - C:\Program Files (x86)\Strategy First\Legion Gold\Legion.exe
C:\Users\Robin\Desktop\MV2Player.lnk - C:\Program Files (x86)\Mv2Player\Mv2PlayerPlus.exe
C:\Users\Robin\Desktop\ParadisePoker.lnk - C:\Program Files (x86)\ParadisePoker\poker.exe
C:\Users\Robin\Desktop\Photomatix Pro 4.0.2 (64-bit).lnk - C:\Program Files\PhotomatixPro4\PhotomatixPro.exe
C:\Users\Robin\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Robin\Desktop\Portrait Professional Studio 10.lnk - C:\Program Files (x86)\Portrait Professional Studio 10\PortraitProfessionalStudio.exe
C:\Users\Robin\Desktop\µTorrent.lnk -
C:\Users\Robin\Desktop\Ofiis2007\Shortcut (2) to setup.lnk - E:\MOJE\J@J@\setup.exe
C:\Users\Robin\Desktop\Ofiis2007\Shortcut to setup.lnk - E:\MOJE\J@J@\setup.exe
C:\Users\Robin\Desktop\Robin skola\Downloads.lnk - C:\Users\Robin\Searches\Downloads
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Public\Desktop\CommView for WiFi.lnk - C:\Users\Robin\Searches\Downloads\CommView-For-WiFi\CommView For WiFi\CV.EXE
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\DriverScanner.lnk - C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe
C:\Users\Public\Desktop\Free MP3 Cutter and Editor.lnk - C:\Program Files (x86)\MuseTips\Free MP3 Cutter and Editor\MP3Cutter.exe
C:\Users\Public\Desktop\Full Tilt Poker.lnk - C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Users\Public\Desktop\iCoolsoft FLV Converter.lnk - C:\Program Files (x86)\iCoolsoft Studio\iCoolsoft FLV Converter\iCoolsoft FLV Converter.exe
C:\Users\Public\Desktop\ICQ7M.lnk - C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Just sing.lnk - C:\Program Files (x86)\Just sing\Just sing.exe
C:\Users\Public\Desktop\Leawo Video Converter.lnk - C:\Program Files (x86)\Leawo\Video Converter\VideoConverter.exe
C:\Users\Public\Desktop\Lightroom 3.3 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 3.3\lightroom.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Users\Public\Desktop\MOV to WMV.lnk - C:\Program Files (x86)\MOV to WMV\movtowmv.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\Users\Public\Desktop\MP3 Cut.lnk - C:\Program Files (x86)\MP3 Cut\MP3 Cut.exe
C:\Users\Public\Desktop\NHL06.lnk - C:\Program Files (x86)\EA SPORTS\NHL06\nhl06.exe
C:\Users\Public\Desktop\Play PKR.lnk - C:\Program Files (x86)\PKR\pkr.exe
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Tekken 3.lnk - C:\Program Files (x86)\Tekken 3\Tekken.bat
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE
C:\Users\Public\Desktop\YTD Video Downloader.lnk - C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Legion Gold™.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive Web Site.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\ReadMe.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon Web Site.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon Web Site.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\rct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Uninstall RollerCoaster Tycoon.lnk - C:\Windows\UniFish3.exe C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media FLV to WMV Converter 6.lnk - C:\Program Files (x86)\4Media\FLV to WMV Converter 6\vcloader.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free MP3 Cutter and Editor.lnk - C:\Program Files (x86)\MuseTips\Free MP3 Cutter and Editor\MP3Cutter.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk - C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iCoolsoft FLV Converter.lnk - C:\Program Files (x86)\iCoolsoft Studio\iCoolsoft FLV Converter\iCoolsoft FLV Converter.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ7M.lnk - C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jetbull Poker.lnk - C:\Program Files (x86)\Jetbull Poker\JetbullPoker.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MV2Player.lnk - C:\Program Files (x86)\Mv2Player\Mv2PlayerPlus.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\rajče průvodce.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Video Download Capture.lnk - C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\79d64f69b2d4969d\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\GamePark klient 2.lnk - C:\Program Files (x86)\GamePark2\gpcl.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www-search.net/?pid=s&pi=1
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
==== shortcuts After Repair ======================
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Robin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E931A51-A183-4E66-8562-D82896E74C67} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6F48E7E-1332-9393-A580-E3386A68C8FC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fbmpeadffgjjjdpgbpocggpccjfacoim deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mflohlhbbdnhenmmpfdpaepdpmmfhgia deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Robin\AppData\Local\Mozilla\Firefox\Profiles\l1gd7yx1.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=980 folders=248 133887524 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Robin\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Robin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\YouTube Accelerator" not found
==== EOF on p 14.03.2014 at 15:33:51,05 ======================
Re: Pomalý notebook, prosím o kontrolu logu
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý notebook, prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Robin (administrator) on ROBIN-HP on 15-03-2014 03:41:57
Running from C:\Users\Robin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(M-Audio) C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(BitTorrent Inc.) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Facebook Inc.) C:\Users\Robin\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files\Motorola\Bluetooth\btmshell.dll [24783624 2010-06-10] (Motorola, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-10] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-18] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [GoobzoYouTubeAccelerator] - "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [uTorrent] - C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-08] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1167637.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Robin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF SearchPlugin: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Sense - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-03-14]
FF Extension: Easy YouTube Video Downloader - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-08-03]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-06]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14]
CHR Extension: (Disk Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14]
CHR Extension: (Vyhledávání Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-14]
CHR Extension: (avast! WebRep) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-05-25]
CHR Extension: (Peněženka Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-11-06]
==================== Services (Whitelisted) =================
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MobilePreIIAudioDevMon; C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe [1923592 2010-06-21] (M-Audio)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75064 2012-07-04] ()
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2577768 2014-02-21] (Search Module Ltd.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [30568 2012-11-04] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-01] (DT Soft Ltd)
S3 MAUSBMOBILEPREII; C:\Windows\System32\DRIVERS\MAudioMobilePreII.sys [484360 2010-06-21] (M-Audio)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41320 2014-02-21] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-04-27] ()
R1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [26216 2009-11-12] (TamoSoft)
S3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-15 03:41 - 2014-03-15 03:41 - 00019689 _____ () C:\Users\Robin\Desktop\FRST.txt
2014-03-15 03:34 - 2014-03-15 03:41 - 00000000 ____D () C:\FRST
2014-03-15 03:29 - 2014-03-15 03:33 - 02157056 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2014-03-14 15:32 - 2014-03-14 15:32 - 00000000 ____D () C:\ProgramData\SearchModule
2014-03-14 15:27 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-14 14:48 - 2014-03-14 15:33 - 00055066 _____ () C:\zoek-results.log
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 14:43 - 2014-03-14 15:20 - 00000000 ____D () C:\zoek_backup
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-14 03:07 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-14 03:07 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-14 03:07 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-14 03:07 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-14 03:07 - 2014-02-23 06:39 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-03-14 03:07 - 2014-02-23 06:35 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-14 03:06 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-14 03:06 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-14 03:06 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-14 03:06 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-14 03:06 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-14 03:06 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:43 - 2014-03-13 21:44 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
2014-03-13 20:43 - 2014-03-13 20:46 - 00000000 ____D () C:\rsit
2014-03-13 12:51 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 12:51 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 12:51 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 12:51 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 12:51 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 12:51 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 12:51 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 12:51 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-13 09:53 - 2014-03-13 09:53 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-12 23:14 - 2014-03-12 23:31 - 458109104 ____R () C:\Users\Robin\Nurumassage_Jennifer_Dark.wmv
2014-03-10 23:43 - 2014-03-11 00:07 - 1130799359 ____R () C:\Users\Robin\MIDE-027.avi
2014-03-10 09:43 - 2014-03-10 09:44 - 00000000 ____D () C:\Users\Robin\The.Butler.2013.BRRip.XviD.CZ.MY
2014-03-09 19:28 - 2014-03-09 20:31 - 1759674621 ____R () C:\Users\Robin\MDYD-868.wmv
2014-03-06 23:29 - 2014-03-06 23:46 - 743081984 ____R () C:\Users\Robin\Adjustment.Bureau.2011.BRRip.XviD.CZ-LEADERs.avi
2014-03-04 00:24 - 2014-03-04 01:29 - 1556576256 ____R () C:\Users\Robin\Mrtví a neklidní.avi
2014-02-28 23:51 - 2014-03-01 02:34 - 1900527616 ____R () C:\Users\Robin\Prometheus.2012.BRRip.480p.XviD.AC3.CZ-Only4WX.avi
2014-02-28 23:48 - 2014-03-01 01:08 - 732557312 ____R () C:\Users\Robin\Gravity.2013.BRRip.XviD.CZ.avi
2014-02-26 00:30 - 2014-03-07 00:01 - 00000000 ____D () C:\Users\Robin\AppData\Local\AuxClient
2014-02-25 10:34 - 2014-02-25 10:36 - 00000000 ____D () C:\windows\rescache
2014-02-24 22:21 - 2014-02-24 22:41 - 741380096 ____R () C:\Users\Robin\Hansel.and.Gretel.Witch.Hunters.2013.DVDRip.XviD.CZ-JNP.avi
2014-02-20 14:23 - 2014-02-20 14:24 - 00006518 _____ () C:\Users\Robin\The Expendables.srt
2014-02-19 10:19 - 2014-02-19 10:28 - 00000000 ____D () C:\Users\Robin\Desktop\Nová složka
2014-02-18 13:44 - 2014-02-18 13:44 - 00000000 ____D () C:\Users\Robin\[ http://www.Torrenting.com ] - Expendables.2.2012.TS.XViD.AC3.SeeN-CM8
2014-02-17 23:13 - 2014-02-18 15:17 - 00000000 ____D () C:\Users\Robin\Turbo.2013.720p.BRRip.XviD.AC3-RARBG
2014-02-17 14:56 - 2014-02-17 17:11 - 00000000 ____D () C:\Users\Robin\Les Misérables (2012) 1080p x264 DD5.1 EN NL Subs
2014-02-16 03:04 - 2014-03-11 03:07 - 00118466 _____ () C:\windows\IE11_main.log
2014-02-15 17:54 - 2014-02-15 18:58 - 1489394311 ____R () C:\Users\Robin\Lone Survivor (2013) 720p HQ.mkv
2014-02-15 17:45 - 2014-02-15 18:57 - 1809489232 ____R () C:\Users\Robin\Velký Gatsby (2013) CZdabing.mkv
2014-02-15 16:48 - 2014-03-14 15:33 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-15 15:55 - 2014-02-15 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:24 - 2014-02-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Hasbro Interactive
2014-02-15 11:13 - 2014-02-15 11:14 - 00000000 ____D () C:\Users\Robin\Roller Coaster Tycoon
2014-02-15 10:55 - 2014-02-15 10:59 - 00000000 ____D () C:\Users\Robin\Documents\RCT3
2014-02-15 10:55 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Atari
2014-02-15 00:04 - 2014-03-14 15:30 - 00150450 _____ () C:\windows\PFRO.log
2014-02-15 00:04 - 2014-03-14 15:30 - 00001008 _____ () C:\windows\setupact.log
2014-02-15 00:04 - 2014-02-15 00:04 - 00000000 _____ () C:\windows\setuperr.log
2014-02-14 06:21 - 2014-03-15 03:26 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-14 06:21 - 2014-03-14 15:31 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 10:13 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-13 10:13 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
==================== One Month Modified Files and Folders =======
2014-03-15 03:42 - 2014-03-15 03:41 - 00019689 _____ () C:\Users\Robin\Desktop\FRST.txt
2014-03-15 03:42 - 2014-01-02 19:06 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\uTorrent
2014-03-15 03:41 - 2014-03-15 03:34 - 00000000 ____D () C:\FRST
2014-03-15 03:33 - 2014-03-15 03:29 - 02157056 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2014-03-15 03:26 - 2014-02-14 06:21 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 03:16 - 2010-09-19 02:11 - 01358022 _____ () C:\windows\WindowsUpdate.log
2014-03-15 03:00 - 2013-10-14 10:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-14 16:06 - 2013-03-18 23:33 - 00000000 ____D () C:\Users\Robin\AppData\Local\PMB Files
2014-03-14 15:53 - 2009-07-14 05:45 - 00020080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 15:53 - 2009-07-14 05:45 - 00020080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 15:33 - 2014-03-14 14:48 - 00055066 _____ () C:\zoek-results.log
2014-03-14 15:33 - 2014-02-15 16:48 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 15:33 - 2011-06-08 17:26 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-14 15:33 - 2011-02-14 18:40 - 00002100 _____ () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-14 15:32 - 2014-03-14 15:32 - 00000000 ____D () C:\ProgramData\SearchModule
2014-03-14 15:31 - 2014-02-14 06:21 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 15:31 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-14 15:30 - 2014-02-15 00:04 - 00150450 _____ () C:\windows\PFRO.log
2014-03-14 15:30 - 2014-02-15 00:04 - 00001008 _____ () C:\windows\setupact.log
2014-03-14 15:20 - 2014-03-14 14:43 - 00000000 ____D () C:\zoek_backup
2014-03-14 15:17 - 2013-05-17 10:20 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-14 15:17 - 2011-02-14 18:40 - 00000000 ___RD () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 03:33 - 2009-07-14 05:45 - 05313880 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 03:31 - 2012-05-14 08:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:31 - 2012-05-14 08:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 03:09 - 2011-03-01 15:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 23:12 - 2013-11-06 18:21 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForRobin
2014-03-13 23:12 - 2013-09-18 22:20 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForRobin.job
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:44 - 2014-03-13 21:43 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
2014-03-13 20:46 - 2014-03-13 20:43 - 00000000 ____D () C:\rsit
2014-03-13 20:44 - 2012-11-05 18:00 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-03-13 09:53 - 2014-03-13 09:53 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-13 09:53 - 2012-11-06 14:31 - 00001958 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-13 09:53 - 2012-11-06 14:30 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-03-13 09:51 - 2011-02-14 08:25 - 00000000 ____D () C:\Users\Robin
2014-03-13 09:49 - 2014-01-08 19:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FreeFileViewer
2014-03-13 09:49 - 2013-03-18 23:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-13 09:49 - 2010-09-19 02:11 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-13 09:49 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-03-12 23:34 - 2011-08-21 21:14 - 00113152 ___SH () C:\Users\Robin\Thumbs.db
2014-03-12 23:31 - 2014-03-12 23:14 - 458109104 ____R () C:\Users\Robin\Nurumassage_Jennifer_Dark.wmv
2014-03-11 03:07 - 2014-02-16 03:04 - 00118466 _____ () C:\windows\IE11_main.log
2014-03-11 00:07 - 2014-03-10 23:43 - 1130799359 ____R () C:\Users\Robin\MIDE-027.avi
2014-03-10 22:57 - 2011-02-14 20:43 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype
2014-03-10 09:44 - 2014-03-10 09:43 - 00000000 ____D () C:\Users\Robin\The.Butler.2013.BRRip.XviD.CZ.MY
2014-03-09 20:31 - 2014-03-09 19:28 - 1759674621 ____R () C:\Users\Robin\MDYD-868.wmv
2014-03-08 11:05 - 2014-03-14 14:43 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-08 11:05 - 2014-03-14 14:43 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-08 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-03-07 00:03 - 2012-12-11 00:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-03-07 00:01 - 2014-02-26 00:30 - 00000000 ____D () C:\Users\Robin\AppData\Local\AuxClient
2014-03-06 23:46 - 2014-03-06 23:29 - 743081984 ____R () C:\Users\Robin\Adjustment.Bureau.2011.BRRip.XviD.CZ-LEADERs.avi
2014-03-06 20:13 - 2014-01-08 20:09 - 00000000 ____D () C:\Program Files (x86)\Sense
2014-03-05 16:01 - 2009-07-14 06:08 - 00032554 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-05 03:04 - 2011-02-14 20:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 03:04 - 2010-09-19 02:16 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 01:29 - 2014-03-04 00:24 - 1556576256 ____R () C:\Users\Robin\Mrtví a neklidní.avi
2014-03-01 02:34 - 2014-02-28 23:51 - 1900527616 ____R () C:\Users\Robin\Prometheus.2012.BRRip.480p.XviD.AC3.CZ-Only4WX.avi
2014-03-01 01:08 - 2014-02-28 23:48 - 732557312 ____R () C:\Users\Robin\Gravity.2013.BRRip.XviD.CZ.avi
2014-02-28 03:12 - 2011-10-21 09:03 - 01568864 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-28 03:12 - 2010-09-09 22:18 - 00672386 _____ () C:\windows\system32\perfh005.dat
2014-02-28 03:12 - 2010-09-09 22:18 - 00142950 _____ () C:\windows\system32\perfc005.dat
2014-02-28 03:12 - 2009-07-14 06:13 - 01568864 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-25 10:36 - 2014-02-25 10:34 - 00000000 ____D () C:\windows\rescache
2014-02-24 22:41 - 2014-02-24 22:21 - 741380096 ____R () C:\Users\Robin\Hansel.and.Gretel.Witch.Hunters.2013.DVDRip.XviD.CZ-JNP.avi
2014-02-24 13:23 - 2014-01-04 14:55 - 00078336 _____ () C:\windows\SysWOW64\rp.dll
2014-02-23 09:13 - 2014-03-14 03:07 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-23 09:13 - 2014-03-14 03:06 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-14 03:06 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-23 09:12 - 2014-03-14 03:07 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-23 09:12 - 2014-03-14 03:06 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-14 03:06 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-23 07:54 - 2014-03-14 03:06 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-14 03:06 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-23 07:35 - 2014-03-14 03:07 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-14 03:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-23 06:39 - 2014-03-14 03:07 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-23 06:35 - 2014-03-14 03:07 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-21 23:07 - 2011-02-14 20:59 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\ICQ
2014-02-20 14:24 - 2014-02-20 14:23 - 00006518 _____ () C:\Users\Robin\The Expendables.srt
2014-02-19 10:28 - 2014-02-19 10:19 - 00000000 ____D () C:\Users\Robin\Desktop\Nová složka
2014-02-19 10:25 - 2013-10-17 20:31 - 00000000 ____D () C:\Users\Robin\Desktop\rock
2014-02-18 15:17 - 2014-02-17 23:13 - 00000000 ____D () C:\Users\Robin\Turbo.2013.720p.BRRip.XviD.AC3-RARBG
2014-02-18 13:44 - 2014-02-18 13:44 - 00000000 ____D () C:\Users\Robin\[ http://www.Torrenting.com ] - Expendables.2.2012.TS.XViD.AC3.SeeN-CM8
2014-02-17 17:11 - 2014-02-17 14:56 - 00000000 ____D () C:\Users\Robin\Les Misérables (2012) 1080p x264 DD5.1 EN NL Subs
2014-02-17 09:08 - 2013-06-17 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 18:58 - 2014-02-15 17:54 - 1489394311 ____R () C:\Users\Robin\Lone Survivor (2013) 720p HQ.mkv
2014-02-15 18:57 - 2014-02-15 17:45 - 1809489232 ____R () C:\Users\Robin\Velký Gatsby (2013) CZdabing.mkv
2014-02-15 16:47 - 2011-09-24 09:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-15 15:56 - 2014-02-15 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:24 - 2014-02-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Hasbro Interactive
2014-02-15 11:24 - 2011-06-08 14:05 - 00000227 _____ () C:\windows\PowerReg.dat
2014-02-15 11:14 - 2014-02-15 11:13 - 00000000 ____D () C:\Users\Robin\Roller Coaster Tycoon
2014-02-15 10:59 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\Documents\RCT3
2014-02-15 10:55 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Atari
2014-02-15 00:04 - 2014-02-15 00:04 - 00000000 _____ () C:\windows\setuperr.log
2014-02-14 06:21 - 2011-09-24 09:28 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 06:21 - 2011-09-24 09:28 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 23:59 - 2014-03-14 15:27 - 00024064 _____ () C:\windows\zoek-delete.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-10 11:57
==================== End Of Log ============================
Ran by Robin (administrator) on ROBIN-HP on 15-03-2014 03:41:57
Running from C:\Users\Robin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(M-Audio) C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(BitTorrent Inc.) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Facebook Inc.) C:\Users\Robin\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files\Motorola\Bluetooth\btmshell.dll [24783624 2010-06-10] (Motorola, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-10] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-18] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [GoobzoYouTubeAccelerator] - "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [uTorrent] - C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-08] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1167637.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Robin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF SearchPlugin: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Sense - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-03-14]
FF Extension: Easy YouTube Video Downloader - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-08-03]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-06]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14]
CHR Extension: (Disk Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14]
CHR Extension: (Vyhledávání Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-14]
CHR Extension: (avast! WebRep) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-05-25]
CHR Extension: (Peněženka Google) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-11-06]
==================== Services (Whitelisted) =================
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MobilePreIIAudioDevMon; C:\Program Files (x86)\M-Audio\MobilePre\AudioDevMon.exe [1923592 2010-06-21] (M-Audio)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75064 2012-07-04] ()
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2577768 2014-02-21] (Search Module Ltd.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [30568 2012-11-04] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-01] (DT Soft Ltd)
S3 MAUSBMOBILEPREII; C:\Windows\System32\DRIVERS\MAudioMobilePreII.sys [484360 2010-06-21] (M-Audio)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41320 2014-02-21] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-04-27] ()
R1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [26216 2009-11-12] (TamoSoft)
S3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-15 03:41 - 2014-03-15 03:41 - 00019689 _____ () C:\Users\Robin\Desktop\FRST.txt
2014-03-15 03:34 - 2014-03-15 03:41 - 00000000 ____D () C:\FRST
2014-03-15 03:29 - 2014-03-15 03:33 - 02157056 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2014-03-14 15:32 - 2014-03-14 15:32 - 00000000 ____D () C:\ProgramData\SearchModule
2014-03-14 15:27 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-14 14:48 - 2014-03-14 15:33 - 00055066 _____ () C:\zoek-results.log
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 14:43 - 2014-03-14 15:20 - 00000000 ____D () C:\zoek_backup
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-14 03:07 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-14 03:07 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-14 03:07 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-14 03:07 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-14 03:07 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-14 03:07 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-14 03:07 - 2014-02-23 06:39 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-03-14 03:07 - 2014-02-23 06:35 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-14 03:06 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-14 03:06 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-14 03:06 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-14 03:06 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-03-14 03:06 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-14 03:06 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-14 03:06 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-14 03:06 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:43 - 2014-03-13 21:44 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
2014-03-13 20:43 - 2014-03-13 20:46 - 00000000 ____D () C:\rsit
2014-03-13 12:51 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 12:51 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 12:51 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 12:51 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 12:51 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 12:51 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 12:51 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 12:51 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-13 09:53 - 2014-03-13 09:53 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-12 23:14 - 2014-03-12 23:31 - 458109104 ____R () C:\Users\Robin\Nurumassage_Jennifer_Dark.wmv
2014-03-10 23:43 - 2014-03-11 00:07 - 1130799359 ____R () C:\Users\Robin\MIDE-027.avi
2014-03-10 09:43 - 2014-03-10 09:44 - 00000000 ____D () C:\Users\Robin\The.Butler.2013.BRRip.XviD.CZ.MY
2014-03-09 19:28 - 2014-03-09 20:31 - 1759674621 ____R () C:\Users\Robin\MDYD-868.wmv
2014-03-06 23:29 - 2014-03-06 23:46 - 743081984 ____R () C:\Users\Robin\Adjustment.Bureau.2011.BRRip.XviD.CZ-LEADERs.avi
2014-03-04 00:24 - 2014-03-04 01:29 - 1556576256 ____R () C:\Users\Robin\Mrtví a neklidní.avi
2014-02-28 23:51 - 2014-03-01 02:34 - 1900527616 ____R () C:\Users\Robin\Prometheus.2012.BRRip.480p.XviD.AC3.CZ-Only4WX.avi
2014-02-28 23:48 - 2014-03-01 01:08 - 732557312 ____R () C:\Users\Robin\Gravity.2013.BRRip.XviD.CZ.avi
2014-02-26 00:30 - 2014-03-07 00:01 - 00000000 ____D () C:\Users\Robin\AppData\Local\AuxClient
2014-02-25 10:34 - 2014-02-25 10:36 - 00000000 ____D () C:\windows\rescache
2014-02-24 22:21 - 2014-02-24 22:41 - 741380096 ____R () C:\Users\Robin\Hansel.and.Gretel.Witch.Hunters.2013.DVDRip.XviD.CZ-JNP.avi
2014-02-20 14:23 - 2014-02-20 14:24 - 00006518 _____ () C:\Users\Robin\The Expendables.srt
2014-02-19 10:19 - 2014-02-19 10:28 - 00000000 ____D () C:\Users\Robin\Desktop\Nová složka
2014-02-18 13:44 - 2014-02-18 13:44 - 00000000 ____D () C:\Users\Robin\[ http://www.Torrenting.com ] - Expendables.2.2012.TS.XViD.AC3.SeeN-CM8
2014-02-17 23:13 - 2014-02-18 15:17 - 00000000 ____D () C:\Users\Robin\Turbo.2013.720p.BRRip.XviD.AC3-RARBG
2014-02-17 14:56 - 2014-02-17 17:11 - 00000000 ____D () C:\Users\Robin\Les Misérables (2012) 1080p x264 DD5.1 EN NL Subs
2014-02-16 03:04 - 2014-03-11 03:07 - 00118466 _____ () C:\windows\IE11_main.log
2014-02-15 17:54 - 2014-02-15 18:58 - 1489394311 ____R () C:\Users\Robin\Lone Survivor (2013) 720p HQ.mkv
2014-02-15 17:45 - 2014-02-15 18:57 - 1809489232 ____R () C:\Users\Robin\Velký Gatsby (2013) CZdabing.mkv
2014-02-15 16:48 - 2014-03-14 15:33 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-15 15:55 - 2014-02-15 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:24 - 2014-02-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Hasbro Interactive
2014-02-15 11:13 - 2014-02-15 11:14 - 00000000 ____D () C:\Users\Robin\Roller Coaster Tycoon
2014-02-15 10:55 - 2014-02-15 10:59 - 00000000 ____D () C:\Users\Robin\Documents\RCT3
2014-02-15 10:55 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Atari
2014-02-15 00:04 - 2014-03-14 15:30 - 00150450 _____ () C:\windows\PFRO.log
2014-02-15 00:04 - 2014-03-14 15:30 - 00001008 _____ () C:\windows\setupact.log
2014-02-15 00:04 - 2014-02-15 00:04 - 00000000 _____ () C:\windows\setuperr.log
2014-02-14 06:21 - 2014-03-15 03:26 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-14 06:21 - 2014-03-14 15:31 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 10:13 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-13 10:13 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
==================== One Month Modified Files and Folders =======
2014-03-15 03:42 - 2014-03-15 03:41 - 00019689 _____ () C:\Users\Robin\Desktop\FRST.txt
2014-03-15 03:42 - 2014-01-02 19:06 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\uTorrent
2014-03-15 03:41 - 2014-03-15 03:34 - 00000000 ____D () C:\FRST
2014-03-15 03:33 - 2014-03-15 03:29 - 02157056 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2014-03-15 03:26 - 2014-02-14 06:21 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 03:16 - 2010-09-19 02:11 - 01358022 _____ () C:\windows\WindowsUpdate.log
2014-03-15 03:00 - 2013-10-14 10:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-14 16:06 - 2013-03-18 23:33 - 00000000 ____D () C:\Users\Robin\AppData\Local\PMB Files
2014-03-14 15:53 - 2009-07-14 05:45 - 00020080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 15:53 - 2009-07-14 05:45 - 00020080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 15:33 - 2014-03-14 14:48 - 00055066 _____ () C:\zoek-results.log
2014-03-14 15:33 - 2014-02-15 16:48 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 15:33 - 2011-06-08 17:26 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-14 15:33 - 2011-02-14 18:40 - 00002100 _____ () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-14 15:32 - 2014-03-14 15:32 - 00000000 ____D () C:\ProgramData\SearchModule
2014-03-14 15:31 - 2014-02-14 06:21 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 15:31 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-14 15:30 - 2014-02-15 00:04 - 00150450 _____ () C:\windows\PFRO.log
2014-03-14 15:30 - 2014-02-15 00:04 - 00001008 _____ () C:\windows\setupact.log
2014-03-14 15:20 - 2014-03-14 14:43 - 00000000 ____D () C:\zoek_backup
2014-03-14 15:17 - 2013-05-17 10:20 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-14 15:17 - 2011-02-14 18:40 - 00000000 ___RD () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 03:33 - 2009-07-14 05:45 - 05313880 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 03:31 - 2012-05-14 08:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:31 - 2012-05-14 08:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 03:09 - 2011-03-01 15:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 23:12 - 2013-11-06 18:21 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForRobin
2014-03-13 23:12 - 2013-09-18 22:20 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForRobin.job
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:44 - 2014-03-13 21:43 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
2014-03-13 20:46 - 2014-03-13 20:43 - 00000000 ____D () C:\rsit
2014-03-13 20:44 - 2012-11-05 18:00 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-03-13 09:53 - 2014-03-13 09:53 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-13 09:53 - 2012-11-06 14:31 - 00001958 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-13 09:53 - 2012-11-06 14:30 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-03-13 09:51 - 2011-02-14 08:25 - 00000000 ____D () C:\Users\Robin
2014-03-13 09:49 - 2014-01-08 19:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FreeFileViewer
2014-03-13 09:49 - 2013-03-18 23:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-13 09:49 - 2010-09-19 02:11 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-13 09:49 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-03-12 23:34 - 2011-08-21 21:14 - 00113152 ___SH () C:\Users\Robin\Thumbs.db
2014-03-12 23:31 - 2014-03-12 23:14 - 458109104 ____R () C:\Users\Robin\Nurumassage_Jennifer_Dark.wmv
2014-03-11 03:07 - 2014-02-16 03:04 - 00118466 _____ () C:\windows\IE11_main.log
2014-03-11 00:07 - 2014-03-10 23:43 - 1130799359 ____R () C:\Users\Robin\MIDE-027.avi
2014-03-10 22:57 - 2011-02-14 20:43 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype
2014-03-10 09:44 - 2014-03-10 09:43 - 00000000 ____D () C:\Users\Robin\The.Butler.2013.BRRip.XviD.CZ.MY
2014-03-09 20:31 - 2014-03-09 19:28 - 1759674621 ____R () C:\Users\Robin\MDYD-868.wmv
2014-03-08 11:05 - 2014-03-14 14:43 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-08 11:05 - 2014-03-14 14:43 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-08 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-03-07 00:03 - 2012-12-11 00:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-03-07 00:01 - 2014-02-26 00:30 - 00000000 ____D () C:\Users\Robin\AppData\Local\AuxClient
2014-03-06 23:46 - 2014-03-06 23:29 - 743081984 ____R () C:\Users\Robin\Adjustment.Bureau.2011.BRRip.XviD.CZ-LEADERs.avi
2014-03-06 20:13 - 2014-01-08 20:09 - 00000000 ____D () C:\Program Files (x86)\Sense
2014-03-05 16:01 - 2009-07-14 06:08 - 00032554 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-05 03:04 - 2011-02-14 20:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 03:04 - 2010-09-19 02:16 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 01:29 - 2014-03-04 00:24 - 1556576256 ____R () C:\Users\Robin\Mrtví a neklidní.avi
2014-03-01 02:34 - 2014-02-28 23:51 - 1900527616 ____R () C:\Users\Robin\Prometheus.2012.BRRip.480p.XviD.AC3.CZ-Only4WX.avi
2014-03-01 01:08 - 2014-02-28 23:48 - 732557312 ____R () C:\Users\Robin\Gravity.2013.BRRip.XviD.CZ.avi
2014-02-28 03:12 - 2011-10-21 09:03 - 01568864 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-28 03:12 - 2010-09-09 22:18 - 00672386 _____ () C:\windows\system32\perfh005.dat
2014-02-28 03:12 - 2010-09-09 22:18 - 00142950 _____ () C:\windows\system32\perfc005.dat
2014-02-28 03:12 - 2009-07-14 06:13 - 01568864 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-25 10:36 - 2014-02-25 10:34 - 00000000 ____D () C:\windows\rescache
2014-02-24 22:41 - 2014-02-24 22:21 - 741380096 ____R () C:\Users\Robin\Hansel.and.Gretel.Witch.Hunters.2013.DVDRip.XviD.CZ-JNP.avi
2014-02-24 13:23 - 2014-01-04 14:55 - 00078336 _____ () C:\windows\SysWOW64\rp.dll
2014-02-23 09:13 - 2014-03-14 03:07 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-23 09:13 - 2014-03-14 03:06 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-14 03:06 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-23 09:12 - 2014-03-14 03:07 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-23 09:12 - 2014-03-14 03:06 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-14 03:06 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-14 03:07 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-14 03:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-23 07:54 - 2014-03-14 03:06 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-14 03:06 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-14 03:07 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 14358016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-14 03:06 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-23 07:35 - 2014-03-14 03:07 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-14 03:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-23 06:39 - 2014-03-14 03:07 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-23 06:35 - 2014-03-14 03:07 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-21 23:07 - 2011-02-14 20:59 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\ICQ
2014-02-20 14:24 - 2014-02-20 14:23 - 00006518 _____ () C:\Users\Robin\The Expendables.srt
2014-02-19 10:28 - 2014-02-19 10:19 - 00000000 ____D () C:\Users\Robin\Desktop\Nová složka
2014-02-19 10:25 - 2013-10-17 20:31 - 00000000 ____D () C:\Users\Robin\Desktop\rock
2014-02-18 15:17 - 2014-02-17 23:13 - 00000000 ____D () C:\Users\Robin\Turbo.2013.720p.BRRip.XviD.AC3-RARBG
2014-02-18 13:44 - 2014-02-18 13:44 - 00000000 ____D () C:\Users\Robin\[ http://www.Torrenting.com ] - Expendables.2.2012.TS.XViD.AC3.SeeN-CM8
2014-02-17 17:11 - 2014-02-17 14:56 - 00000000 ____D () C:\Users\Robin\Les Misérables (2012) 1080p x264 DD5.1 EN NL Subs
2014-02-17 09:08 - 2013-06-17 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 18:58 - 2014-02-15 17:54 - 1489394311 ____R () C:\Users\Robin\Lone Survivor (2013) 720p HQ.mkv
2014-02-15 18:57 - 2014-02-15 17:45 - 1809489232 ____R () C:\Users\Robin\Velký Gatsby (2013) CZdabing.mkv
2014-02-15 16:47 - 2011-09-24 09:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-15 15:56 - 2014-02-15 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:24 - 2014-02-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Hasbro Interactive
2014-02-15 11:24 - 2011-06-08 14:05 - 00000227 _____ () C:\windows\PowerReg.dat
2014-02-15 11:14 - 2014-02-15 11:13 - 00000000 ____D () C:\Users\Robin\Roller Coaster Tycoon
2014-02-15 10:59 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\Documents\RCT3
2014-02-15 10:55 - 2014-02-15 10:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Atari
2014-02-15 00:04 - 2014-02-15 00:04 - 00000000 _____ () C:\windows\setuperr.log
2014-02-14 06:21 - 2011-09-24 09:28 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 06:21 - 2011-09-24 09:28 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 23:59 - 2014-03-14 15:27 - 00024064 _____ () C:\windows\zoek-delete.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-10 11:57
==================== End Of Log ============================
- Přílohy
-
- Addition.rar
- (11.66 KiB) Staženo 80 x
Re: Pomalý notebook, prosím o kontrolu logu
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd) HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-18] () HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [GoobzoYouTubeAccelerator] - "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [uTorrent] - C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-08] (BitTorrent Inc.) AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q= FF NetworkProxy: "no_proxies_on", "*.local" FF NetworkProxy: "type", 0 FF Extension: Sense - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-03-14] S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] C:\Program Files (x86)\MyPC Backup C:\PROGRA~2\SearchProtect 2014-03-14 15:27 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe 2014-03-14 14:48 - 2014-03-14 15:33 - 00055066 _____ () C:\zoek-results.log 2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B} 2014-03-14 14:43 - 2014-03-14 15:20 - 00000000 ____D () C:\zoek_backup 2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr 2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com 2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt 2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt 2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt 2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt 2014-03-13 21:43 - 2014-03-13 21:44 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\FreeFileViewerUpdateChecker.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\HPCeeScheduleForRobin.job Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý notebook, prosím o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Robin at 2014-03-17 10:49:28 Run:1
Running from C:\Users\Robin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-18] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [GoobzoYouTubeAccelerator] - "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [uTorrent] - C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-08] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Extension: Sense - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-03-14]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
C:\Program Files (x86)\MyPC Backup
C:\PROGRA~2\SearchProtect
2014-03-14 15:27 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-14 14:48 - 2014-03-14 15:33 - 00055066 _____ () C:\zoek-results.log
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 14:43 - 2014-03-14 15:20 - 00000000 ____D () C:\zoek_backup
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:43 - 2014-03-13 21:44 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\FreeFileViewerUpdateChecker.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForRobin.job
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
Firefox Keyword.URL deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com => Moved successfully.
BackupStack => Service deleted successfully.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\PROGRA~2\SearchProtect" => File/Directory not found.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B} => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Robin\Desktop\zoek.scr => Moved successfully.
C:\Users\Robin\Desktop\zoek.com => Moved successfully.
C:\AdwCleaner[S6].txt => Moved successfully.
C:\AdwCleaner[R7].txt => Moved successfully.
C:\AdwCleaner[R6].txt => Moved successfully.
C:\Users\Robin\Desktop\JRTplocch.txt => Moved successfully.
C:\Users\Robin\Desktop\JRT.exe => Moved successfully.
C:\windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
"C:\windows\tasks\FreeFileViewerUpdateChecker.job" => File/Directory not found.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\tasks\HPCeeScheduleForRobin.job => Moved successfully.
Could not reset Hosts.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by Robin at 2014-03-17 10:49:28 Run:1
Running from C:\Users\Robin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-18] ()
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [GoobzoYouTubeAccelerator] - "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\...\Run: [uTorrent] - C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-08] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Extension: Sense - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-03-14]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
C:\Program Files (x86)\MyPC Backup
C:\PROGRA~2\SearchProtect
2014-03-14 15:27 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-14 14:48 - 2014-03-14 15:33 - 00055066 _____ () C:\zoek-results.log
2014-03-14 14:45 - 2014-03-14 14:45 - 00003108 _____ () C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B}
2014-03-14 14:43 - 2014-03-14 15:20 - 00000000 ____D () C:\zoek_backup
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.scr
2014-03-14 14:43 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Robin\Desktop\zoek.com
2014-03-13 22:15 - 2014-03-13 22:15 - 00001638 _____ () C:\AdwCleaner[S6].txt
2014-03-13 22:15 - 2014-03-13 22:15 - 00001571 _____ () C:\AdwCleaner[R7].txt
2014-03-13 22:12 - 2014-03-13 22:12 - 00001511 _____ () C:\AdwCleaner[R6].txt
2014-03-13 22:09 - 2014-03-13 22:09 - 00007231 _____ () C:\Users\Robin\Desktop\JRTplocch.txt
2014-03-13 21:43 - 2014-03-13 21:44 - 01037734 _____ (Thisisu) C:\Users\Robin\Desktop\JRT.exe
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\FreeFileViewerUpdateChecker.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForRobin.job
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => Value deleted successfully.
HKU\S-1-5-21-170101940-3079598023-1448400411-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
Firefox Keyword.URL deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\l1gd7yx1.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com => Moved successfully.
BackupStack => Service deleted successfully.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\PROGRA~2\SearchProtect" => File/Directory not found.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\windows\System32\Tasks\{0EC1929F-A762-4C65-BA60-CD0A6584949B} => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Robin\Desktop\zoek.scr => Moved successfully.
C:\Users\Robin\Desktop\zoek.com => Moved successfully.
C:\AdwCleaner[S6].txt => Moved successfully.
C:\AdwCleaner[R7].txt => Moved successfully.
C:\AdwCleaner[R6].txt => Moved successfully.
C:\Users\Robin\Desktop\JRTplocch.txt => Moved successfully.
C:\Users\Robin\Desktop\JRT.exe => Moved successfully.
C:\windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
"C:\windows\tasks\FreeFileViewerUpdateChecker.job" => File/Directory not found.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\tasks\HPCeeScheduleForRobin.job => Moved successfully.
Could not reset Hosts.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Pomalý notebook, prosím o kontrolu logu
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý notebook, prosím o kontrolu logu
super, děkuji moc 
Re: Pomalý notebook, prosím o kontrolu logu
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?