Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Petr (administrator) on DOMA-14514ED6DC on 05-11-2014 00:34:31
Running from C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Platform: Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Broadcom Corporation) C:\WINDOWS\system32\bcmntray.EXE
() C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(C. Ghisler & Co.) C:\Program Files\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [84760 2007-06-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [125720 2007-06-19] (Intel Corporation)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [507904 2005-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [401408 2005-07-22] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [385024 2005-07-22] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\bcmntray
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [515072 2004-08-18] (Microsoft Corporation)
Winlogon\Notify\IntelWireless: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent.com/?appId=EB719AD ... earchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={FA ... 2014-05-17 17:56:35&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={FA ... 2014-05-17 17:56:35&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent.com/?appId=EB719AD ... earchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default
FF DefaultSearchEngine: default-search.net
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: about:home
FF Keyword.URL:
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF Extension: Apps Hat - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-09-11]
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF Extension: Seznam lištička - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Default Tab - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\addon@defaulttab.com.xpi [2013-10-28]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release4443.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ff
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Disk Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (VyhledÃÂÃÂÃÂÃÂÃÂÃÂÃÂávÃÂÃÂÃÂÃÂÃÂÃÂÃÂánÃÂÃÂÃÂÃÂÃÂÃÂÃÂàGoogle) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂ
ÃÂÃÂÃÂþenka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [258103 2006-02-27] (Broadcom Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [86016 2005-07-22] (Intel Corporation) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-08] (globalUpdate) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2013-11-25] (Oracle Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [139264 2005-07-22] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [372809 2005-07-22] (Intel Corporation ) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [847981 2005-05-11] (Broadcom Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [401664 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30363 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [1342602 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148168 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [30189 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-27] (Broadcom Corporation.) [File not signed]
S3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 IWCA; C:\WINDOWS\System32\DRIVERS\iwca.sys [234496 2004-08-12] (Intel Corporation)
R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11354 2005-07-22] (Intel Corporation) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-18] ()
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-11-02] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46336 2004-08-18] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-05 00:27 - 2014-11-05 00:27 - 00038411 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST3.txt
2014-11-05 00:24 - 2014-11-05 00:34 - 00027640 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\Addition.txt
2014-11-05 00:14 - 2014-11-05 00:41 - 00020389 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.txt
2014-11-05 00:13 - 2014-11-05 00:35 - 00000000 ____D () C:\FRST
2014-11-05 00:08 - 2014-11-05 00:05 - 01106432 _____ (Farbar) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.exe
2014-10-30 23:44 - 2014-10-30 23:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 03:44 - 2014-10-30 05:53 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\insolv
2014-10-29 20:32 - 2014-10-29 20:32 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\AVG2015
2014-10-29 20:28 - 2014-10-29 20:28 - 00000714 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\AVG 2015.lnk
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-29 20:24 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg
2014-10-29 19:59 - 2014-10-30 02:53 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg2015
2014-10-29 02:27 - 2014-10-29 02:27 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikac
2014-10-12 05:38 - 2014-11-04 19:07 - 00010240 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\tel.xls
2014-10-09 20:29 - 2014-10-09 20:29 - 00019900 _____ () C:\ComboFix.txt
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\Petr\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:20 - 2014-10-09 20:20 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-10-09 20:06 - 2014-10-09 20:06 - 00000000 _RSHD () C:\cmdcons
2014-10-09 20:06 - 2013-05-15 07:27 - 00000211 _____ () C:\Boot.bak
2014-10-09 20:06 - 2004-08-03 22:00 - 00261312 __RSH () C:\cmldr
2014-10-09 03:38 - 2014-10-09 20:29 - 00000000 ____D () C:\Qoobox
2014-10-09 03:38 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-10-09 03:38 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-10-09 03:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-10-09 03:37 - 2014-10-09 20:27 - 00000000 ____D () C:\WINDOWS\erdnt
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy\Nástroje pro správu
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Filmy
2014-10-09 03:37 - 2014-10-09 03:34 - 05582481 ____R (Swearware) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\ComboFix.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-05 00:46 - 2014-02-15 00:12 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 00:43 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
2014-11-05 00:40 - 2014-09-08 21:35 - 00003430 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
2014-11-05 00:34 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
2014-11-05 00:27 - 2014-02-12 22:13 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-05 00:27 - 2013-05-15 07:38 - 00000000 ___HD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací
2014-11-05 00:07 - 2013-05-24 15:06 - 00004207 _____ () C:\WINDOWS\WINCMD.INI
2014-11-04 23:47 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-04 23:47 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-04 23:47 - 2013-05-15 07:31 - 00505088 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-04 23:42 - 2014-09-08 21:35 - 00004456 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
2014-11-04 23:42 - 2014-09-08 21:35 - 00000878 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-04 23:41 - 2014-09-08 21:36 - 00004454 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-4.job
2014-11-04 23:41 - 2014-09-08 21:36 - 00002406 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
2014-11-04 23:41 - 2014-09-08 21:36 - 00002070 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
2014-11-04 23:41 - 2014-09-08 21:35 - 00003094 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
2014-11-04 23:41 - 2013-11-18 07:44 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Seznam.cz
2014-11-04 23:41 - 2013-08-02 06:40 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-11-04 23:41 - 2013-05-15 09:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-04 23:40 - 2014-09-08 21:36 - 00002720 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2014-02-15 00:12 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 23:40 - 2013-05-15 09:26 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-04 23:40 - 2013-05-15 07:38 - 00000000 __RHD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací
2014-11-04 23:40 - 2013-05-15 07:37 - 00032434 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-04 23:40 - 2013-05-15 07:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-04 23:40 - 2013-05-14 18:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-04 23:40 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-04 23:36 - 2014-07-01 21:04 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\csr
2014-11-04 22:40 - 2014-09-08 21:35 - 00000882 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-04 19:29 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty
2014-11-03 23:28 - 2013-05-23 06:04 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-11-02 01:15 - 2013-05-15 09:22 - 01208587 _____ () C:\WINDOWS\setupapi.log
2014-10-30 03:37 - 2014-02-24 08:23 - 00000000 ____D () C:\Program Files\DP1815
2014-10-30 03:36 - 2014-09-08 21:35 - 00000000 ____D () C:\Program Files\Apps Hat
2014-10-29 20:33 - 2013-05-22 15:38 - 00000000 ____D () C:\Program Files\AVG
2014-10-29 20:32 - 2013-05-22 15:39 - 00000000 ___HD () C:\$AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2013-05-15 09:22 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-10-29 20:24 - 2013-05-15 09:22 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-10-29 19:47 - 2014-09-08 21:42 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Opera Software
2014-10-29 19:47 - 2014-09-08 21:41 - 00000000 ____D () C:\Program Files\Opera
2014-10-29 19:47 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Oblíbené položky
2014-10-29 19:46 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Mobogenie
2014-10-29 19:45 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy
2014-10-29 19:44 - 2014-07-17 05:22 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-10-29 19:44 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Mobogenie
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:39 - 2013-05-15 09:23 - 01018222 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 19:34 - 2013-05-15 07:38 - 00000178 ___SH () C:\Documents and Settings\Petr.DOMA-14514ED6DC\ntuser.ini
2014-10-29 19:34 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-28 07:52 - 2014-02-15 00:15 - 00001813 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
2014-10-27 03:07 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Obrázky
2014-10-19 09:21 - 2013-07-03 04:06 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Bluetooth Exchange Folder
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-10-09 20:24 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 20447232 _____ () C:\WINDOWS\system32\config\software.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 00262144 _____ () C:\WINDOWS\system32\config\default.bak
2014-10-09 20:06 - 2013-05-14 19:32 - 00000327 __RSH () C:\boot.ini
2014-10-09 03:37 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
Some content of TEMP:
====================
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskajující reklamy, AD, pomalé pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Vyskajující reklamy, AD, pomalé pc
- Přílohy
-
- Addition.zip
- (6.98 KiB) Staženo 49 x
-
Rudy
- Site Admin
- Příspěvky: 119558
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskajující reklamy, AD, pomalé pc
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskajující reklamy, AD, pomalé pc
# AdwCleaner v3.311 - Report created 07/11/2014 at 20:55:21
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Petr - DOMA-14514ED6DC
# Running from : C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\2308189059
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\systemk
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Systweak
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\wincert
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\AVG Security Toolbar
[!] Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\WINDOWS\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
File Deleted : C:\WINDOWS\system32\drivers\nethfdrv.sys
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Linkey.Linkey
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.Messengers.exe]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422722220}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455725520}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466726620}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B8BFA10F-6FFD-44B5-9DBB-E17CBAA107FF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444724420}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\lucky leap
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\lucky leap
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.2180
-\\ Mozilla Firefox v33.0.2 (x86 en-US)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [20550 octets] - [07/11/2014 20:54:18]
AdwCleaner[S0].txt - [20119 octets] - [07/11/2014 20:55:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20180 octets] ##########
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Petr - DOMA-14514ED6DC
# Running from : C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\2308189059
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\systemk
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Systweak
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\wincert
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\AVG Security Toolbar
[!] Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\WINDOWS\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
File Deleted : C:\WINDOWS\system32\drivers\nethfdrv.sys
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Linkey.Linkey
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.Messengers.exe]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422722220}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455725520}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466726620}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B8BFA10F-6FFD-44B5-9DBB-E17CBAA107FF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444724420}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\lucky leap
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\lucky leap
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.2180
-\\ Mozilla Firefox v33.0.2 (x86 en-US)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [20550 octets] - [07/11/2014 20:54:18]
AdwCleaner[S0].txt - [20119 octets] - [07/11/2014 20:55:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20180 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119558
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskajující reklamy, AD, pomalé pc
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskajující reklamy, AD, pomalé pc
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-11-2014 01
Ran by Petr (administrator) on DOMA-14514ED6DC on 08-11-2014 13:25:40
Running from C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Platform: Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Broadcom Corporation) C:\WINDOWS\system32\bcmntray.EXE
() C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [84760 2007-06-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [125720 2007-06-19] (Intel Corporation)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [507904 2005-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [401408 2005-07-22] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [385024 2005-07-22] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\bcmntray
Winlogon\Notify\IntelWireless: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\...\Run: [AVG-Secure-Search-Update_1114tb] => "C:\Program Files\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe" /PROMPT /CMPID=1114tb
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-12] (Adobe Systems Incorporated)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default
FF DefaultSearchEngine: default-search.net
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: about:home
FF Keyword.URL:
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF Extension: Apps Hat - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-09-11]
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF Extension: Seznam lištička - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Default Tab - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\addon@defaulttab.com.xpi [2013-10-28]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release4443.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ff
Chrome:
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Disk Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (VyhledÃÂÃÂÃÂÃÂÃÂÃÂÃÂávÃÂÃÂÃÂÃÂÃÂÃÂÃÂánÃÂÃÂÃÂÃÂÃÂÃÂÃÂàGoogle) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂàÃÂÃÂÃÂþenka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [258103 2006-02-27] (Broadcom Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [86016 2005-07-22] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2013-11-25] (Oracle Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [139264 2005-07-22] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [372809 2005-07-22] (Intel Corporation ) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [847981 2005-05-11] (Broadcom Corporation) [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [401664 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30363 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [1342602 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148168 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [30189 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-27] (Broadcom Corporation.) [File not signed]
S3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 IWCA; C:\WINDOWS\System32\DRIVERS\iwca.sys [234496 2004-08-12] (Intel Corporation)
R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11354 2005-07-22] (Intel Corporation) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-18] ()
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-11-02] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46336 2004-08-18] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 13:25 - 2014-11-08 13:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST-OlderVersion
2014-11-07 20:53 - 2014-11-07 20:56 - 00000000 ____D () C:\AdwCleaner
2014-11-07 20:51 - 2014-11-07 20:50 - 01375089 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\adwcleaner_3.311.exe
2014-11-07 13:03 - 2014-11-07 13:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 12:36 - 2014-11-07 20:58 - 00000364 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_1114tb_rmv.job
2014-11-07 12:36 - 2014-11-07 20:58 - 00000364 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_1114tb_rel.job
2014-11-07 12:36 - 2014-11-07 12:36 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avg_Update_1114tb
2014-11-07 12:36 - 2014-11-07 12:36 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avg_Update_1114tb
2014-11-05 01:04 - 2014-11-05 01:04 - 00007148 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\Addition.zip
2014-11-05 00:27 - 2014-11-05 00:27 - 00038411 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST3.txt
2014-11-05 00:24 - 2014-11-05 00:51 - 00027640 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\Addition.txt
2014-11-05 00:14 - 2014-11-08 13:27 - 00018263 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.txt
2014-11-05 00:13 - 2014-11-08 13:26 - 00000000 ____D () C:\FRST
2014-11-05 00:08 - 2014-11-08 13:25 - 01107968 _____ (Farbar) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.exe
2014-10-30 03:44 - 2014-11-05 02:48 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\insolv
2014-10-29 20:32 - 2014-10-29 20:32 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\AVG2015
2014-10-29 20:28 - 2014-10-29 20:28 - 00000714 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\AVG 2015.lnk
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-29 20:24 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg
2014-10-29 19:59 - 2014-10-30 02:53 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg2015
2014-10-29 02:27 - 2014-10-29 02:27 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikac
2014-10-12 05:38 - 2014-11-07 11:03 - 00010752 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\tel.xls
2014-10-09 20:29 - 2014-10-09 20:29 - 00019900 _____ () C:\ComboFix.txt
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\Petr\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:20 - 2014-10-09 20:20 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-10-09 20:06 - 2014-10-09 20:06 - 00000000 _RSHD () C:\cmdcons
2014-10-09 20:06 - 2013-05-15 07:27 - 00000211 _____ () C:\Boot.bak
2014-10-09 20:06 - 2004-08-03 22:00 - 00261312 __RSH () C:\cmldr
2014-10-09 03:38 - 2014-10-09 20:29 - 00000000 ____D () C:\Qoobox
2014-10-09 03:38 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-10-09 03:38 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-10-09 03:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-10-09 03:37 - 2014-10-09 20:27 - 00000000 ____D () C:\WINDOWS\erdnt
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy\Nástroje pro správu
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Filmy
2014-10-09 03:37 - 2014-10-09 03:34 - 05582481 ____R (Swearware) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\ComboFix.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 13:27 - 2014-02-12 22:13 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-08 13:27 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
2014-11-08 13:25 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
2014-11-08 13:24 - 2013-05-24 15:06 - 00004208 _____ () C:\WINDOWS\WINCMD.INI
2014-11-08 12:46 - 2014-02-15 00:12 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 12:40 - 2014-09-08 21:35 - 00003430 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
2014-11-08 12:36 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Obrázky
2014-11-08 12:34 - 2013-05-15 07:31 - 00567818 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-08 08:56 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-08 08:56 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-08 08:46 - 2014-02-15 00:12 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 22:41 - 2014-09-08 21:36 - 00004454 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-4.job
2014-11-07 22:40 - 2014-09-08 21:35 - 00000882 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-07 22:40 - 2014-09-08 21:35 - 00000878 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002720 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002406 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002070 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
2014-11-07 22:35 - 2014-09-08 21:35 - 00004456 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
2014-11-07 22:35 - 2014-09-08 21:35 - 00003094 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
2014-11-07 21:00 - 2013-05-14 18:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-07 20:59 - 2013-08-02 06:40 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-11-07 20:58 - 2013-05-15 09:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-07 20:58 - 2013-05-15 09:26 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-07 20:58 - 2013-05-15 07:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 20:57 - 2013-05-15 07:37 - 00032454 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-07 20:56 - 2013-05-15 07:38 - 00000178 ___SH () C:\Documents and Settings\Petr.DOMA-14514ED6DC\ntuser.ini
2014-11-07 20:56 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC
2014-11-07 20:55 - 2013-05-15 09:22 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-11-07 20:52 - 2014-07-01 21:04 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\csr
2014-11-07 20:52 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty
2014-11-07 12:36 - 2013-05-15 07:38 - 00000000 ___HD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací
2014-11-07 12:35 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-04 23:41 - 2013-11-18 07:44 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Seznam.cz
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2013-05-15 07:38 - 00000000 __RHD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací
2014-11-03 23:28 - 2013-05-23 06:04 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-11-02 01:15 - 2013-05-15 09:22 - 01208587 _____ () C:\WINDOWS\setupapi.log
2014-10-30 03:37 - 2014-02-24 08:23 - 00000000 ____D () C:\Program Files\DP1815
2014-10-30 03:36 - 2014-09-08 21:35 - 00000000 ____D () C:\Program Files\Apps Hat
2014-10-29 20:33 - 2013-05-22 15:38 - 00000000 ____D () C:\Program Files\AVG
2014-10-29 20:32 - 2013-05-22 15:39 - 00000000 ___HD () C:\$AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2013-05-15 09:22 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-10-29 19:47 - 2014-09-08 21:42 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Opera Software
2014-10-29 19:47 - 2014-09-08 21:41 - 00000000 ____D () C:\Program Files\Opera
2014-10-29 19:47 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Oblíbené položky
2014-10-29 19:46 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Mobogenie
2014-10-29 19:45 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy
2014-10-29 19:44 - 2014-07-17 05:22 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-10-29 19:44 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Mobogenie
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:39 - 2013-05-15 09:23 - 01018222 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-28 07:52 - 2014-02-15 00:15 - 00001813 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
2014-10-19 09:21 - 2013-07-03 04:06 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Bluetooth Exchange Folder
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-10-09 20:24 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 20447232 _____ () C:\WINDOWS\system32\config\software.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 00262144 _____ () C:\WINDOWS\system32\config\default.bak
2014-10-09 20:06 - 2013-05-14 19:32 - 00000327 __RSH () C:\boot.ini
2014-10-09 03:37 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
Some content of TEMP:
====================
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by Petr (administrator) on DOMA-14514ED6DC on 08-11-2014 13:25:40
Running from C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Platform: Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Broadcom Corporation) C:\WINDOWS\system32\bcmntray.EXE
() C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [84760 2007-06-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [125720 2007-06-19] (Intel Corporation)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [507904 2005-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [401408 2005-07-22] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [385024 2005-07-22] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\bcmntray
Winlogon\Notify\IntelWireless: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\...\Run: [AVG-Secure-Search-Update_1114tb] => "C:\Program Files\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe" /PROMPT /CMPID=1114tb
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-12] (Adobe Systems Incorporated)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default
FF DefaultSearchEngine: default-search.net
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: about:home
FF Keyword.URL:
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF Extension: Apps Hat - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-09-11]
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF Extension: Seznam lištička - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Default Tab - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\addon@defaulttab.com.xpi [2013-10-28]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release4443.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ff
Chrome:
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Disk Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (VyhledÃÂÃÂÃÂÃÂÃÂÃÂÃÂávÃÂÃÂÃÂÃÂÃÂÃÂÃÂánÃÂÃÂÃÂÃÂÃÂÃÂÃÂàGoogle) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂàÃÂÃÂÃÂþenka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [258103 2006-02-27] (Broadcom Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [86016 2005-07-22] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161664 2013-11-25] (Oracle Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [139264 2005-07-22] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [372809 2005-07-22] (Intel Corporation ) [File not signed]
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [847981 2005-05-11] (Broadcom Corporation) [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [401664 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30363 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [1342602 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148168 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [30189 2006-02-27] (Broadcom Corporation.) [File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [57096 2006-02-27] (Broadcom Corporation.) [File not signed]
S3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 IWCA; C:\WINDOWS\System32\DRIVERS\iwca.sys [234496 2004-08-12] (Intel Corporation)
R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11354 2005-07-22] (Intel Corporation) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-18] ()
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-11-02] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46336 2004-08-18] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 13:25 - 2014-11-08 13:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST-OlderVersion
2014-11-07 20:53 - 2014-11-07 20:56 - 00000000 ____D () C:\AdwCleaner
2014-11-07 20:51 - 2014-11-07 20:50 - 01375089 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\adwcleaner_3.311.exe
2014-11-07 13:03 - 2014-11-07 13:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 12:36 - 2014-11-07 20:58 - 00000364 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_1114tb_rmv.job
2014-11-07 12:36 - 2014-11-07 20:58 - 00000364 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_1114tb_rel.job
2014-11-07 12:36 - 2014-11-07 12:36 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avg_Update_1114tb
2014-11-07 12:36 - 2014-11-07 12:36 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avg_Update_1114tb
2014-11-05 01:04 - 2014-11-05 01:04 - 00007148 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\Addition.zip
2014-11-05 00:27 - 2014-11-05 00:27 - 00038411 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST3.txt
2014-11-05 00:24 - 2014-11-05 00:51 - 00027640 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\Addition.txt
2014-11-05 00:14 - 2014-11-08 13:27 - 00018263 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.txt
2014-11-05 00:13 - 2014-11-08 13:26 - 00000000 ____D () C:\FRST
2014-11-05 00:08 - 2014-11-08 13:25 - 01107968 _____ (Farbar) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\FRST.exe
2014-10-30 03:44 - 2014-11-05 02:48 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\insolv
2014-10-29 20:32 - 2014-10-29 20:32 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\AVG2015
2014-10-29 20:28 - 2014-10-29 20:28 - 00000714 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\AVG 2015.lnk
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-30 03:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2015
2014-10-29 20:24 - 2014-10-29 20:24 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg
2014-10-29 19:59 - 2014-10-30 02:53 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Avg2015
2014-10-29 02:27 - 2014-10-29 02:27 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikac
2014-10-12 05:38 - 2014-11-07 11:03 - 00010752 _____ () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\tel.xls
2014-10-09 20:29 - 2014-10-09 20:29 - 00019900 _____ () C:\ComboFix.txt
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\Petr\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:29 - 2014-10-09 20:29 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2014-10-09 20:20 - 2014-10-09 20:20 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-10-09 20:20 - 2014-10-09 20:20 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-10-09 20:06 - 2014-10-09 20:06 - 00000000 _RSHD () C:\cmdcons
2014-10-09 20:06 - 2013-05-15 07:27 - 00000211 _____ () C:\Boot.bak
2014-10-09 20:06 - 2004-08-03 22:00 - 00261312 __RSH () C:\cmldr
2014-10-09 03:38 - 2014-10-09 20:29 - 00000000 ____D () C:\Qoobox
2014-10-09 03:38 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-10-09 03:38 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-10-09 03:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-10-09 03:38 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-10-09 03:37 - 2014-10-09 20:27 - 00000000 ____D () C:\WINDOWS\erdnt
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy\Nástroje pro správu
2014-10-09 03:37 - 2014-10-09 03:37 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Filmy
2014-10-09 03:37 - 2014-10-09 03:34 - 05582481 ____R (Swearware) C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha\ComboFix.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 13:27 - 2014-02-12 22:13 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-08 13:27 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
2014-11-08 13:25 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
2014-11-08 13:24 - 2013-05-24 15:06 - 00004208 _____ () C:\WINDOWS\WINCMD.INI
2014-11-08 12:46 - 2014-02-15 00:12 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 12:40 - 2014-09-08 21:35 - 00003430 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
2014-11-08 12:36 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Obrázky
2014-11-08 12:34 - 2013-05-15 07:31 - 00567818 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-08 08:56 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-08 08:56 - 2013-05-22 15:35 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2014-11-08 08:46 - 2014-02-15 00:12 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 22:41 - 2014-09-08 21:36 - 00004454 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-4.job
2014-11-07 22:40 - 2014-09-08 21:35 - 00000882 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-07 22:40 - 2014-09-08 21:35 - 00000878 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002720 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002406 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
2014-11-07 22:36 - 2014-09-08 21:36 - 00002070 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
2014-11-07 22:35 - 2014-09-08 21:35 - 00004456 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
2014-11-07 22:35 - 2014-09-08 21:35 - 00003094 _____ () C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
2014-11-07 21:00 - 2013-05-14 18:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-07 20:59 - 2013-08-02 06:40 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-11-07 20:58 - 2013-05-15 09:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-07 20:58 - 2013-05-15 09:26 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-07 20:58 - 2013-05-15 07:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 20:57 - 2013-05-15 07:37 - 00032454 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-07 20:56 - 2013-05-15 07:38 - 00000178 ___SH () C:\Documents and Settings\Petr.DOMA-14514ED6DC\ntuser.ini
2014-11-07 20:56 - 2013-05-15 07:38 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC
2014-11-07 20:55 - 2013-05-15 09:22 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-11-07 20:52 - 2014-07-01 21:04 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\csr
2014-11-07 20:52 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty
2014-11-07 12:36 - 2013-05-15 07:38 - 00000000 ___HD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací
2014-11-07 12:35 - 2004-08-18 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-04 23:41 - 2013-11-18 07:44 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Seznam.cz
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2014-06-16 14:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2014
2014-11-04 23:40 - 2013-05-15 07:38 - 00000000 __RHD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací
2014-11-03 23:28 - 2013-05-23 06:04 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-11-02 01:15 - 2013-05-15 09:22 - 01208587 _____ () C:\WINDOWS\setupapi.log
2014-10-30 03:37 - 2014-02-24 08:23 - 00000000 ____D () C:\Program Files\DP1815
2014-10-30 03:36 - 2014-09-08 21:35 - 00000000 ____D () C:\Program Files\Apps Hat
2014-10-29 20:33 - 2013-05-22 15:38 - 00000000 ____D () C:\Program Files\AVG
2014-10-29 20:32 - 2013-05-22 15:39 - 00000000 ___HD () C:\$AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2014-04-27 08:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVG
2014-10-29 20:31 - 2013-05-15 09:22 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-10-29 19:47 - 2014-09-08 21:42 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Opera Software
2014-10-29 19:47 - 2014-09-08 21:41 - 00000000 ____D () C:\Program Files\Opera
2014-10-29 19:47 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Oblíbené položky
2014-10-29 19:46 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Mobogenie
2014-10-29 19:45 - 2013-05-15 07:38 - 00000000 ___RD () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Nabídka Start\Programy
2014-10-29 19:44 - 2014-07-17 05:22 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-10-29 19:44 - 2014-02-24 08:25 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Mobogenie
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:44 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-10-29 19:39 - 2013-05-15 09:23 - 01018222 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-29 19:31 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
2014-10-28 07:52 - 2014-02-15 00:15 - 00001813 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
2014-10-19 09:21 - 2013-07-03 04:06 - 00000000 ____D () C:\Documents and Settings\Petr.DOMA-14514ED6DC\Dokumenty\Bluetooth Exchange Folder
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-10-09 20:29 - 2013-05-14 18:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-10-09 20:24 - 2004-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-10-09 20:20 - 2013-05-15 09:21 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 20447232 _____ () C:\WINDOWS\system32\config\software.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-10-09 20:20 - 2013-05-15 09:20 - 00262144 _____ () C:\WINDOWS\system32\config\default.bak
2014-10-09 20:06 - 2013-05-14 19:32 - 00000327 __RSH () C:\boot.ini
2014-10-09 03:37 - 2013-05-15 09:22 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
Some content of TEMP:
====================
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119558
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskajující reklamy, AD, pomalé pc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
C:\Program Files\MediaViewV1
C:\Program Files\MediaBuzzV1
C:\Program Files\MediaWatchV1
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (VyhledÃÂÃÂÃÂÃÂÃÂÃÂÃÂávÃÂÃÂÃÂÃÂÃÂÃÂÃÂánÃÂÃÂÃÂÃÂÃÂÃÂÃÂàGoogle) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂÃÂàÃÂÃÂÃÂþenka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskajující reklamy, AD, pomalé pc
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-11-2014 01
Ran by Petr at 2014-11-09 04:14:49 Run:1
Running from C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
C:\Program Files\MediaViewV1
C:\Program Files\MediaBuzzV1
C:\Program Files\MediaWatchV1
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (VyhledAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A?Â!vAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A?Â!nAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A? Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenAÂA?ÂAÂ?A?Â?AÂA?Â?AÂ?A?Â?AÂA?ÂAÂ?A?Â?AÂA?Â?AÂ?A?Â3enka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
End
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha4672.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha6429.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaWatchV1home878.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaBuzzV1mode1215.net => value deleted successfully.
"C:\Program Files\MediaViewV1" => File/Directory not found.
"C:\Program Files\MediaBuzzV1" => File/Directory not found.
"C:\Program Files\MediaWatchV1" => File/Directory not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg= => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\djphlgdiigjkepffdgcbghlhneakpalo" => Key deleted successfully.
"C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\emnpojkehcjhddolfdmelpjhgjoicinh" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fhkiadklhnphenemoeafeolmjofdknhg" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\kaebgalecpbcanaoflcehcbcpdmbokfp" => Key deleted successfully.
"C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\paoabofgapccpdijnmhhnkikcbiaflbe" => Key deleted successfully.
"C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx" => File/Directory not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job => Moved successfully.
"C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp1FC.tmp" => Scheduled to move on reboot.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp24.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp2E7.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp2EA.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp30.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp306.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp3ECC.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp410.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp418.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp45D.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp50F.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp53.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp5CF.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6822.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp68A9.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6950.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6B37.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6C96.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7.tmp => Moved successfully.
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7C.tmp" => Scheduled to move on reboot.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp8C3.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\toolbar_log.txt => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Uninstall.ico => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\VGX3.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\zoznam_115_gastech_6001new.xls => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_1E6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_26D.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_4D7.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_5E6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_6CB0.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_6CE.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_7F6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~75.bat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~75.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~DF54B9.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{D5878294-C113-43c5-A24F-FC333C52015A}\D5878294-C113-43c5-A24F-FC333C52015A.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Opera Installer\opera_installer_20141029194733.log => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Opera Installer\opera_installer_20141029194737.log => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\InstallOptions.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\ioSpecial.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\modern-wizard.bmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\PackageInstaller.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\System.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Installation - 副本.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Installation.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\moboGenieInstall.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\style.css => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\style2.css => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Uninstall.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\guide.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\install.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\jquery.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\slide.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\slideshow.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\underscore.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\Uninstall.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\f_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\g_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img02.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img03.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img04.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_arrow.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_bg.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_bg02.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_btn.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_close.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\ins_icon.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\ins_icon02.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\k_03.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\lange_bar.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\lange_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\sorry.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\t_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Unico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Uninstall_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\MoboUpdate\channel.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\MoboUpdate\Info.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\NT6NKPMB\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\MZ6VI3YR\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\IB434DUN\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\07J3XO5K\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\History\History.IE5\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\History\History.IE5\index.dat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Cookies\index.dat => Moved successfully.
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-09 04:16:54)<=
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp1FC.tmp => Is moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7C.tmp => Is moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp => Moved successfully.
==== End of Fixlog ====
Ran by Petr at 2014-11-09 04:14:49 Run:1
Running from C:\Documents and Settings\Petr.DOMA-14514ED6DC\Plocha
Loaded Profile: Petr (Available profiles: Petr)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: KMPlayer Toolbar - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com [2013-05-23]
FF Extension: WebSite Recommendation - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-03-21]
FF Extension: Settings Manager - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha4672.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha6429.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home878.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ff
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode1215.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ff
C:\Program Files\MediaViewV1
C:\Program Files\MediaBuzzV1
C:\Program Files\MediaWatchV1
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={FACEFC49-9592-49F9-A548-42401813E09F}&mid=016f2d9af4f747d3bda1d15bb644dfd3-4f0bbf1043a1cc3bc6b997bfdd76482e5ccd0df3&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={FAC ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (VyhledAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A?Â!vAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A?Â!nAÂA?ÂAÂ?A?ÂAÂA?Â?AÂ?A? Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (PenAÂA?ÂAÂ?A?Â?AÂA?Â?AÂ?A?Â?AÂA?ÂAÂ?A?Â?AÂA?Â?AÂ?A?Â3enka Google) - C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR HKLM\...\Chrome\Extension: [djphlgdiigjkepffdgcbghlhneakpalo] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx []
CHR HKLM\...\Chrome\Extension: [emnpojkehcjhddolfdmelpjhgjoicinh] - C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx []
CHR HKLM\...\Chrome\Extension: [fhkiadklhnphenemoeafeolmjofdknhg] - C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx []
CHR HKLM\...\Chrome\Extension: [kaebgalecpbcanaoflcehcbcpdmbokfp] - C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx []
CHR HKLM\...\Chrome\Extension: [paoabofgapccpdijnmhhnkikcbiaflbe] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx []
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp
End
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1801674531-2111687655-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\toolbar@ask.com => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\WebSiteRecommendation@weliketheweb.com => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Data aplikací\Mozilla\Firefox\Profiles\qwymu51o.default\Extensions\{16D8371D-180E-146E-C4AD-1DA80388AFBF} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha4672.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha6429.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaWatchV1home878.net => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaBuzzV1mode1215.net => value deleted successfully.
"C:\Program Files\MediaViewV1" => File/Directory not found.
"C:\Program Files\MediaBuzzV1" => File/Directory not found.
"C:\Program Files\MediaWatchV1" => File/Directory not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv= ... 2014-05-17 17:56:35&v=18.1.0.443&pid=safeguard&sg= => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\djphlgdiigjkepffdgcbghlhneakpalo" => Key deleted successfully.
"C:\Program Files\MediaBuzzV1\MediaBuzzV1mode1215\ch\MediaBuzzV1mode1215.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\emnpojkehcjhddolfdmelpjhgjoicinh" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha6429\ch\MediaViewV1alpha6429.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fhkiadklhnphenemoeafeolmjofdknhg" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha4672\ch\MediaViewV1alpha4672.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\kaebgalecpbcanaoflcehcbcpdmbokfp" => Key deleted successfully.
"C:\Program Files\MediaWatchV1\MediaWatchV1home878\ch\MediaWatchV1home878.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\paoabofgapccpdijnmhhnkikcbiaflbe" => Key deleted successfully.
"C:\Program Files\RichMediaViewV1\RichMediaViewV1release4443\ch\RichMediaViewV1release4443.crx" => File/Directory not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-6.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-1.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-5.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-2.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-11.job => Moved successfully.
C:\WINDOWS\Tasks\f732db35-7da5-4723-8131-60c799f74916-7.job => Moved successfully.
"C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp1FC.tmp" => Scheduled to move on reboot.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp24.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp2E7.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp2EA.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp30.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp306.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp3ECC.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp410.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp418.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp45D.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp50F.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp53.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp5CF.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6822.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp68A9.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6950.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6B37.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp6C96.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7.tmp => Moved successfully.
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7C.tmp" => Scheduled to move on reboot.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp8C3.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\toolbar_log.txt => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Uninstall.ico => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\VGX3.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\zoznam_115_gastech_6001new.xls => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_1E6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_26D.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_4D7.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_5E6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_6CB0.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_6CE.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\_7F6.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~75.bat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~75.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\~DF54B9.tmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\{D5878294-C113-43c5-A24F-FC333C52015A}\D5878294-C113-43c5-A24F-FC333C52015A.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Opera Installer\opera_installer_20141029194733.log => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\Opera Installer\opera_installer_20141029194737.log => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\InstallOptions.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\ioSpecial.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\modern-wizard.bmp => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\PackageInstaller.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\System.dll => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Installation - 副本.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Installation.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\moboGenieInstall.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\style.css => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\style2.css => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\view\Uninstall.html => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\guide.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\install.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\jquery.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\slide.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\slideshow.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\underscore.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\js\Uninstall.js => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\f_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\g_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img02.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img03.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\img04.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_arrow.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_bg.jpg => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_bg02.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_btn.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Installation_close.png => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\ins_icon.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\ins_icon02.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\k_03.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\lange_bar.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\lange_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\sorry.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\t_ico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Unico.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\nsu16.tmp\installGuide\images\Uninstall_close.gif => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\MoboUpdate\channel.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\MoboUpdate\Info.xml => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\NT6NKPMB\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\MZ6VI3YR\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\IB434DUN\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5\07J3XO5K\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\History\History.IE5\desktop.ini => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\History\History.IE5\index.dat => Moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\acrord32_sbx\Cookies\index.dat => Moved successfully.
Could not move "C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-09 04:16:54)<=
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp1FC.tmp => Is moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp\tmp7C.tmp => Is moved successfully.
C:\Documents and Settings\Petr.DOMA-14514ED6DC\Local Settings\Temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119558
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskajující reklamy, AD, pomalé pc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskajující reklamy, AD, pomalé pc
Provedl jsem vse co bylo doporučeno a nic, žádná změna.....
-
Rudy
- Site Admin
- Příspěvky: 119558
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskajující reklamy, AD, pomalé pc
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?