Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-12-2014 01
Ran by RBJ at 2014-12-23 10:31:22
Running from C:\Users\RBJ\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AppsHat Mobile Apps (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\AppsHat Mobile Apps) (Version: 1.0.0.0 - Somoto Ltd.) <==== ATTENTION
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8) (HKLM\...\C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD) (Version: 05/22/2008 3.8 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1) (HKLM\...\9CD348AE9C64C4B939B624E8E24F3903EFDFC82B) (Version: 05/22/2008 7.00.0.1 - Nokia)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
BlueStacks Notification Center (HKLM\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.51.1022 - Webteh, d.o.o.)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION
Call of Duty (HKLM\...\Call of Duty) (Version: - )
Call of Duty Modern Warfare 2 (HKLM\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version: - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Colin McRae Rally 2 (HKLM\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version: - )
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.4.102.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dropbox (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.2.5 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry Demo (HKLM\...\InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}) (Version: 1.00.0000 - Ubisoft)
Far Cry Demo (Version: 1.00.0000 - Ubisoft) Hidden
Farming Simulator 2013 (HKLM\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
GamePark (HKLM\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GIMP 2.6.12 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google SketchUp 8 (HKLM\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
ICQ Toolbar (HKLM\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Inkscape 0.48.2 (HKLM\...\Inkscape) (Version: 0.48.2 - )
istartsurf uninstall (HKLM\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Minecraft 1.6.4 + Funkcni CZ Multiplayer Server (HKLM\...\Minecraft 1.6.4 + Funkcni CZ Multiplayer Server) (Version: - )
minecraft mody letadla auta tanky a pistole 1.5.2 rar version for Windows (HKLM\...\{5C1C0C92-350D-C1E8-0D4D-BCBBADAACD32}_is1) (Version: for Windows - )
Minecraft PC Gamer Demo version 1.5 (HKLM\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang)
Movies Toolbar for Chrome (Dist. by Somoto Ltd.) (HKLM\...\somotomoviestoolbar1CR) (Version: 1.6.2.0 - APN LLC) <==== ATTENTION
Movies Toolbar for Internet Explorer (Dist. by Somoto Ltd.) (HKLM\...\somotomoviestoolbar1IE) (Version: 1.6.2.0 - APN LLC) <==== ATTENTION
Mozilla Firefox 33.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 33.0.2 (x86 cs)) (Version: 33.0.2 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nádherná zahrada (HKLM\...\Nádherná zahrada) (Version: - )
Nástroj pro bezdrátovou kartu WLAN Dell (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.18 - Dell Inc.)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GAME System Software 2.8.1 (HKLM\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OpenOffice.org 3.1 (HKLM\...\{824BADF8-9A1B-4D07-8817-8DDDC8543F23}) (Version: 3.1.9420 - OpenOffice.org)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
Road Construction Simulator (HKLM\...\Road Construction Simulator1.0) (Version: 1.0 - Foxy Games)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Samsung PC Studio 3 (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SCANIA Truck Driving Simulator 1.0.0 (HKLM\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Seznam Software (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\SeznamInstall) (Version: - Seznam.cz)
Shards of War (HKLM\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 59459 - Bigpoint GmbH)
Simulátor stavby - Jeřáb (HKLM\...\Simulátor stavby - Jeřáb_is1) (Version: 1.0 - TopQer s.r.o.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8312 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Správce záloh a obnov Dell (HKLM\...\{28DBCC2C-9342-47C3-9A92-1FDBDE377C14}) (Version: 1.0.0 - Dell, Inc.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SweeetPlayer bundle (HKLM\...\SweeetPlayer bundle) (Version: 2.0.0.5 - Perion Network LTD.)
SweetPlayer version 1.0 (HKLM\...\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1) (Version: 1.0 - Perion Network Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Ufonuv fofr internet 3.258.47 (HKLM\...\Ufonuv fofr internet) (Version: 3.258.47 - AnyDATA.NET, Inc)
Unity Web Player (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
VariCAD 2009-1.03 CZ (HKLM\...\VariCAD_20090303_CZ) (Version: - )
War Thunder Launcher 1.0.1.465 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Ztracený poklad 1.2 (HKLM\...\{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1) (Version: - Špidla Data Processing, s.r.o.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
15-12-2014 20:17:57 Naplánovaný kontrolní bod
17-12-2014 19:21:08 Naplánovaný kontrolní bod
21-12-2014 16:32:29 Installed Java 7 Update 71
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0DC725E3-1301-4D69-BBF8-3299BC12CE1D} - System32\Tasks\{23331894-CC9A-4F08-B448-BB6CAADC1262} => pcalua.exe -a C:\Users\RBJ\Downloads\18Wheels_of_Steel.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5E5E87CC-DFA0-47F5-833A-623DC05F75A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated)
Task: {7A4EDB56-4F65-40DA-8B00-9F099A0043F0} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {84CB72F3-6C63-4DAF-86F3-4480E7B821E9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {92FCBF3F-AA16-418D-82F4-15260A11EB31} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-13] (AVAST Software)
Task: {95A7FDA4-EA21-4059-ACEC-04F11A00605F} - System32\Tasks\{8C6F8F37-AC09-4244-A833-E086D5C04D4E} => pcalua.exe -a C:\Users\RBJ\AppData\Local\Temp\nro.tmp\SetupX.exe -d C:\Users\RBJ\AppData\Local\Temp\nro.tmp\ -c CONFIGPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\" SC SOURCEPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\"
Task: {A0EE5C6D-E94F-4DB5-8059-AEB6F48C7C40} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {A7598A93-5AAD-4DEB-8F79-6BB508FB3D8D} - System32\Tasks\{310D873D-E002-4D6C-A538-93320D684C28} => pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 12\Uninstall.AC\uninstaller.exe"
Task: {A8FE6443-0274-4264-9010-1D540C35364A} - System32\Tasks\{5A8C90FA-F6E3-438B-91EB-ACCA6EF036FD} => pcalua.exe -a "C:\Users\RBJ\Desktop\F1\F1 2002\Support\F1 2002_uninst.exe" -d "C:\Users\RBJ\Desktop\F1\F1 2002\Support"
Task: {B343BA08-0900-4610-962B-BD00D49D2737} - System32\Tasks\{5FFDB9B2-6370-42C7-A57C-1579F4A4F9CF} => pcalua.exe -a C:\Users\RBJ\Desktop\plne_verze\infomapy\download\imhe2010_setup_chip_full_pack.exe -d C:\Users\RBJ\Desktop\plne_verze\infomapy\download
Task: {BC70DDAA-092C-4539-B5DF-48F134ED0FBC} - System32\Tasks\{67E02497-2CC1-42A4-9E37-532DD5F26AFD} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{471BB1D9-6F59-4093-B46D-373772D5C111}
Task: {BD384538-9BFA-47C0-AA53-B7532966666A} - System32\Tasks\{56F014CA-0817-4D25-B2DE-F09D65362AD3} => pcalua.exe -a C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {D61D788C-2187-4613-8A33-3F859D025BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {E66433FE-B1FD-4A58-B6B2-4A585F8F3D7A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {EB1A1AD2-16F5-4BD4-996F-529B715DDA23} - System32\Tasks\{423CFCF6-E219-43AA-BC55-4B2CBE4B78B5} => pcalua.exe -a "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství\Polární dobrodružství 2.exe" -d "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství"
Task: {F2C100EC-5193-451A-9021-3610C04A19B2} - System32\Tasks\{F690F736-4501-46EE-9BA5-AFB6C2655445} => pcalua.exe -a C:\Users\RBJ\Desktop\HuntingUnl4.exe -d C:\Users\RBJ\Desktop
Task: {FF400776-7C39-4B4F-8B4C-5A2911A57895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2014-07-04 16:08 - 2014-07-02 10:55 - 00489472 _____ () c:\program files\movies toolbar\datamngr\apcrtldr.dll
2009-10-11 07:18 - 2008-12-11 18:48 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-11 07:18 - 2008-12-11 18:47 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2011-03-02 19:58 - 2014-10-02 18:40 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-23 10:16 - 2014-12-23 10:16 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122300\algo.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00406016 _____ () C:\Windows\system32\asam\SQLite.dll
2011-04-02 22:37 - 2012-06-03 22:47 - 00629760 _____ () C:\Windows\system32\asam\CxImage.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00060416 _____ () C:\Windows\system32\asam\zlib1.dll
2009-10-26 20:18 - 2009-12-30 12:07 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2009-10-26 20:18 - 2014-12-22 18:15 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2011-04-03 12:35 - 2012-06-03 22:47 - 00117248 _____ () C:\Windows\system32\asam\rundll32.exe
2011-04-02 22:44 - 2012-06-03 22:47 - 00188928 _____ () C:\Windows\system32\asam\Czech\XTToolkitPro.dll
2014-10-02 18:40 - 2014-10-02 18:40 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-04 16:08 - 2014-07-02 10:55 - 00019456 _____ () c:\program files\movies toolbar\datamngr\mgrldr.dll
2014-10-27 15:13 - 2014-10-31 07:09 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2635682205-992849683-4104728822-500 - Administrator - Disabled)
Guest (S-1-5-21-2635682205-992849683-4104728822-501 - Limited - Disabled)
Katka (S-1-5-21-2635682205-992849683-4104728822-1001 - Administrator - Enabled) => C:\Users\Katka
RBJ (S-1-5-21-2635682205-992849683-4104728822-1000 - Administrator - Enabled) => C:\Users\RBJ
Samík (S-1-5-21-2635682205-992849683-4104728822-1002 - Limited - Enabled) => C:\Users\Samík
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2014 10:24:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace plugin-container.exe, verze 33.0.2.5413, časové razítko 0x544ef530, chybující modul mozalloc.dll, verze 33.0.2.5413, časové razítko 0x544ed089, kód výjimky 0x80000003, posun chyby 0x00001425,
ID procesu 0x1204, čas spuštění aplikace 0xplugin-container.exe0.
Error: (12/23/2014 10:20:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/23/2014 10:19:38 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/21/2014 04:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2014 04:24:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/21/2014 04:20:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace plugin-container.exe, verze 33.0.2.5413, časové razítko 0x544ef530, chybující modul mozalloc.dll, verze 33.0.2.5413, časové razítko 0x544ed089, kód výjimky 0x80000003, posun chyby 0x00001425,
ID procesu 0x884, čas spuštění aplikace 0xplugin-container.exe0.
Error: (12/20/2014 08:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace plugin-container.exe, verze 33.0.2.5413, časové razítko 0x544ef530, chybující modul mozalloc.dll, verze 33.0.2.5413, časové razítko 0x544ed089, kód výjimky 0x80000003, posun chyby 0x00001425,
ID procesu 0x1140, čas spuštění aplikace 0xplugin-container.exe0.
Error: (12/20/2014 08:08:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 33.0.2.5413 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 177c
Čas zahájení: 01d01c433e2b8b20
Čas ukončení: 433
Error: (12/20/2014 01:17:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShardsOfWarLauncher.exe verze 4.5.4.31047 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: e34
Čas zahájení: 01d01c4ed84d16f0
Čas ukončení: 39
Error: (12/19/2014 07:54:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WinRAR.exe verze 3.80.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 16e4
Čas zahájení: 01d01bbac2cfa700
Čas ukončení: 303
System errors:
=============
Error: (12/23/2014 10:24:22 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:22:15 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:20:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064
Error: (12/23/2014 10:20:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (12/23/2014 10:20:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: WinZiper service%%2
Error: (12/23/2014 10:18:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:17:32, 23.12.2014) bylo neočekávané.
Error: (12/21/2014 04:38:24 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/21/2014 04:38:14 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek C: spustit nástroj chkdsk.
Error: (12/21/2014 04:31:28 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek C: spustit nástroj chkdsk.
Error: (12/21/2014 04:25:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064
Microsoft Office Sessions:
=========================
Error: (12/23/2014 10:24:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed0898000000300001425120401d01e9216da9add
Error: (12/23/2014 10:20:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/23/2014 10:19:38 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/21/2014 04:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2014 04:24:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/21/2014 04:20:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed089800000030000142588401d01d2292e827b0
Error: (12/20/2014 08:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed0898000000300001425114001d01c5ad3834430
Error: (12/20/2014 08:08:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.2.5413177c01d01c433e2b8b20433
Error: (12/20/2014 01:17:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ShardsOfWarLauncher.exe4.5.4.31047e3401d01c4ed84d16f039
Error: (12/19/2014 07:54:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WinRAR.exe3.80.0.016e401d01bbac2cfa700303
CodeIntegrity Errors:
===================================
Date: 2013-03-21 19:25:28.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.413
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7570 @ 2.26GHz
Percentage of memory in use: 50%
Total physical RAM: 2042.22 MB
Available physical RAM: 1016.68 MB
Total Pagefile: 4327.44 MB
Available Pagefile: 3198.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.38 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:1.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9559FF61)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím kontrolu, pomalý NoteBook. Děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2014 01
Ran by RBJ (administrator) on RBJ-PC on 23-12-2014 10:30:38
Running from C:\Users\RBJ\Downloads
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Roman Svihalek, Advanced Software) C:\Windows\System32\asam\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
() C:\Windows\System32\asam\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-03-31] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-12-11] (Dell Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-11-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iLivid] => "C:\Users\RBJ\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Samík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\movies toolbar\datamngr\apcrtldr.dll [489472 2014-07-02] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... XX5VG0VZXP
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Movies Toolbar (Dist. by Somoto Ltd.) -> {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -> C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: MinibarBHO -> {AA74D58F-ACD0-450D-A85E-6C04B171C044} -> C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll ()
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/ ... tion32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 20 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.24.128.8 82.119.240.3
Tcpip\..\Interfaces\{1E357D7D-8FAD-419C-98A0-87FC8960A498}: [NameServer] 91.187.32.2,77.48.100.254
FireFox:
========
FF ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... XX5VG0VZXP
FF DefaultSearchEngine: delta-homes
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox -> C:\Program Files\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-25.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.gif
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.src
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\istartsurf.xml
FF Extension: General Crawler - C:\Users\RBJ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-01-02]
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: Fast Start - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\faststartff@gmail.com [2014-09-14]
FF Extension: Babylon - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\ffxtlbr@babylon.com [2012-01-02]
FF Extension: TVU Web Player - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\firefox@tvunetworks.com [2011-07-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2014-01-02]
FF Extension: ICQ Toolbar - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2014-11-23]
FF Extension: AppsHat - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2013-10-05]
FF Extension: Seznam lištička - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
FF Extension: Hulksearch - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi [2012-01-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-02]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts= ... XX5VG0VZXP
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSearchURL: Default -> http://search.delta-homes.com/web/?type ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Unity Player) - C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Profile: C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-08]
CHR Extension: (YouTube) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-07]
CHR Extension: (Vyhledávání Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-07]
CHR Extension: (avast! Online Security) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (AppsHat) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo [2013-10-05]
CHR Extension: (Peněženka Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-08-08]
CHR Extension: (Gmail) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-07]
CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\RBJ\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [2013-08-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-09-21]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-23]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts= ... XX5VG0VZXP
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ActivityMon2; C:\Windows\system32\asam\svchost.exe [185856 2012-06-03] (Roman Svihalek, Advanced Software) [File not signed]
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [81920 2009-03-31] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-02] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-14] (Cherished Technololgy LIMITED)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-08] (O2Micro International)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2009-12-30] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-12-22] ()
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-09-02] (Absolute Software Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe [249938 2009-03-31] (IDT, Inc.)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-14] (Fuyu LIMITED) [File not signed]
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-12-11] (Dell Inc.) [File not signed]
S2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [X] <==== ATTENTION
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-11-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-11] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-09-19] (BlueStack Systems)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Movies Toolbar\Datamngr\setmgrc2.cfg [34168 2014-07-02] (Bandoo Media Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-08] (O2Micro )
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdg.sys [41760 2009-01-08] (O2Micro )
S3 PnkBstrK; C:\Windows\system32\drivers\PnkBstrK.sys [137464 2014-12-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-27] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-28] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-28] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-28] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-28] (Logitech Inc.)
U3 aroaef5c; C:\Windows\system32\Drivers\aroaef5c.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 10:29 - 2014-12-23 10:31 - 00037753 _____ () C:\Users\RBJ\Downloads\FRST.txt
2014-12-23 10:29 - 2014-12-23 10:30 - 00000000 ____D () C:\FRST
2014-12-23 10:28 - 2014-12-23 10:28 - 01114112 _____ (Farbar) C:\Users\RBJ\Downloads\FRST.exe
2014-12-23 10:17 - 2014-12-23 10:17 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\WinZipper
2014-12-23 10:17 - 2014-12-23 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2014-12-21 16:35 - 2014-12-21 16:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-21 16:34 - 2014-12-21 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 16:34 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 16:34 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 16:34 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 16:34 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-21 16:33 - 2014-12-21 16:34 - 00004275 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:32 - 2014-12-21 15:39 - 1473748992 _____ () C:\Users\RBJ\Downloads\CoD4MWDemoSetup.exe
2014-12-21 10:33 - 2014-12-21 10:43 - 94264883 _____ () C:\Users\RBJ\Downloads\DanteLP-Hexxit+MC.rar
2014-12-21 10:17 - 2014-12-21 10:17 - 03170256 _____ () C:\Users\RBJ\Downloads\minecraft-1.7.10.exe.part
2014-12-20 13:17 - 2014-12-20 18:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-20 13:17 - 2014-12-20 13:17 - 00000000 ____D () C:\Users\RBJ\AppData\Local\UWebKit151
2014-12-20 13:16 - 2014-12-20 13:16 - 00000856 _____ () C:\Users\Public\Desktop\Shards of War.lnk
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Program Files\Shards of War
2014-12-20 13:13 - 2014-12-20 13:14 - 23533016 _____ (Bigpoint GmbH ) C:\Users\RBJ\Downloads\ShardsOfWarSetup.exe
2014-12-20 11:57 - 2014-12-20 12:02 - 45503086 _____ () C:\Users\RBJ\Downloads\Minecraft-1.5.2-Hexxit.zip
2014-12-20 10:45 - 2014-12-20 11:14 - 475774532 _____ () C:\Users\RBJ\Downloads\čeština-call-of-duty-5.zip
2014-12-19 18:27 - 2014-12-19 19:21 - 1006315632 _____ () C:\Users\RBJ\Downloads\arma-2-free_1.0.zip
2014-12-17 17:15 - 2014-12-17 17:15 - 00011324 _____ () C:\Users\RBJ\Downloads\Sleeping_Beauty.torrent
2014-12-17 17:14 - 2014-12-17 17:14 - 00072852 _____ () C:\Users\RBJ\Downloads\Sleeping-Dogs-Definitive-Edition-PC-full-game-^^nosTEAM^^.torrent
2014-12-07 18:29 - 2014-12-07 18:29 - 00463724 _____ () C:\Users\RBJ\Downloads\minecraft-1-7-3-plna-hra-zdarma.zip
2014-12-07 18:24 - 2014-12-21 10:20 - 06830478 _____ (MINECRAFT ) C:\Users\RBJ\Downloads\MINECRAFT-1-7-2-plna-hra-zdarma.exe.part
2014-12-07 17:42 - 2014-12-07 17:42 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.10.exe
2014-12-07 17:25 - 2014-12-07 17:25 - 00263186 _____ () C:\Users\RBJ\Downloads\Minecraft(7).exe
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\Program Files\Goat Simulator
2014-12-07 14:06 - 2014-12-07 15:14 - 640813276 _____ () C:\Users\RBJ\Downloads\Goat-Simulator-Pikachu92.rar
2014-12-07 14:05 - 2014-12-07 14:05 - 00030085 _____ () C:\Users\RBJ\Downloads\Goat.Simulator.2014-RELOADED.rar
2014-12-05 20:27 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files\WarThunder
2014-12-05 20:27 - 2014-12-05 20:27 - 00001642 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-05 20:27 - 2014-12-05 20:27 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-05 20:26 - 2014-12-05 20:27 - 04708944 _____ (Gaijin Entertainment ) C:\Users\RBJ\Downloads\wt_launcher_1.0.1.465.exe
2014-11-27 16:44 - 2014-11-27 16:44 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.9.exe
2014-11-27 16:28 - 2014-11-27 16:28 - 00044681 _____ () C:\Users\RBJ\Downloads\Team-Fortress-2-Hack.rar
2014-11-26 19:29 - 2014-11-26 19:29 - 01142392 _____ () C:\Users\RBJ\Downloads\SteamSetup.exe
2014-11-26 19:29 - 2014-11-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 17:39 - 2014-11-26 17:39 - 04508416 _____ () C:\Users\RBJ\Downloads\serviceCar.zip
2014-11-25 19:46 - 2014-11-25 19:46 - 04746336 _____ (GIANTS Software GmbH) C:\Users\RBJ\Downloads\atv.exe
2014-11-25 19:33 - 2014-11-25 19:42 - 212871024 _____ (GIANTS Software ) C:\Users\RBJ\Downloads\FarmingSimulator2015Patch1.1.0.1CZ.exe
2014-11-25 19:06 - 2014-11-25 19:06 - 00000970 _____ () C:\Users\RBJ\Desktop\Farming Simulator 2013 .lnk
2014-11-25 19:06 - 2014-11-25 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2014-11-25 19:03 - 2014-11-25 19:06 - 00000000 ____D () C:\Program Files\Farming Simulator 2013
2014-11-25 18:55 - 2014-11-26 19:55 - 00000000 ____D () C:\Users\RBJ\Desktop\Nová složka
2014-11-25 17:22 - 2014-11-25 17:22 - 00000266 _____ () C:\Users\RBJ\Downloads\Call-of-Duty-Modern-Warfare-3-crack.zip
2014-11-23 17:45 - 2014-11-23 18:42 - 1614121603 _____ () C:\Users\RBJ\Downloads\Farming-Simulator-2013--cz.rar
2014-11-23 12:28 - 2014-11-23 12:28 - 00001571 _____ () C:\Users\Public\Desktop\ICQ7.5.lnk
2014-11-23 12:28 - 2014-11-23 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
2014-11-23 12:27 - 2014-11-27 16:12 - 00000000 ____D () C:\Program Files\ICQ7.5
2014-11-23 12:25 - 2014-11-23 12:26 - 13080792 _____ (ICQ) C:\Users\RBJ\Downloads\icq_7.5.exe
2014-11-23 12:15 - 2014-11-23 12:15 - 00000000 ____D () C:\Users\RBJ\voip
2014-11-23 12:09 - 2014-11-23 12:26 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-11-23 11:12 - 2014-11-23 11:51 - 38111011 _____ () C:\Users\RBJ\Downloads\install_icq8.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 10:26 - 2013-07-20 08:01 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Seznam.cz
2014-12-23 10:23 - 2009-10-11 02:00 - 01925707 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 10:22 - 2011-10-31 16:58 - 00150979 _____ () C:\ProgramData\nvModes.001
2014-12-23 10:19 - 2013-09-07 07:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 10:19 - 2011-10-31 16:51 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-12-23 10:19 - 2011-10-31 16:41 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-12-23 10:19 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 10:19 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:19 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:17 - 2013-09-07 07:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 10:17 - 2011-10-31 16:57 - 00150979 _____ () C:\ProgramData\nvModes.dat
2014-12-23 10:16 - 2014-10-27 15:13 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 10:16 - 2014-10-27 15:13 - 00001012 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 10:15 - 2014-07-09 19:53 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job
2014-12-23 10:15 - 2014-07-09 19:53 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job
2014-12-23 10:15 - 2013-11-07 18:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 18:16 - 2009-10-26 20:18 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-22 18:15 - 2009-12-30 12:12 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-22 18:15 - 2009-10-26 20:18 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-21 16:34 - 2009-10-11 07:16 - 00000000 ____D () C:\Program Files\Java
2014-12-21 16:31 - 2012-11-28 17:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-21 16:31 - 2011-05-25 17:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-21 16:31 - 2009-10-30 22:47 - 00000000 ____D () C:\Users\RBJ\AppData\Local\Adobe
2014-12-21 16:27 - 2012-10-13 19:10 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Skype
2014-12-21 16:27 - 2010-02-18 17:26 - 00000000 ____D () C:\Windows\system32\Adobe
2014-12-21 13:45 - 2013-12-19 17:03 - 00003252 _____ () C:\Windows\setupact.log
2014-12-21 11:05 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Steam
2014-12-19 20:49 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-07 15:19 - 2012-03-07 16:11 - 00000000 ____D () C:\Users\RBJ\Documents\My Games
2014-12-07 14:29 - 2013-05-23 17:59 - 00000000 ____D () C:\Users\RBJ\Desktop\Minecraft
2014-12-06 07:58 - 2014-03-07 10:15 - 00000000 ____D () C:\Users\RBJ\Documents\Euro Truck Simulator 2
2014-12-05 18:42 - 2008-01-21 07:14 - 01523830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 20:30 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 20:29 - 2009-10-11 02:01 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-27 16:13 - 2009-10-25 16:19 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\ICQ
2014-11-23 12:28 - 2010-07-03 12:35 - 00000000 ____D () C:\Program Files\ICQ6Toolbar
2014-11-23 12:28 - 2009-10-11 07:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-23 12:15 - 2009-10-22 18:28 - 00000000 ____D () C:\Users\RBJ
2014-11-23 11:45 - 2009-12-27 18:06 - 00008268 _____ () C:\Users\RBJ\AppData\Local\d3d9caps.dat
2014-11-23 11:24 - 2009-11-30 21:25 - 00000000 ____D () C:\Users\RBJ\Desktop\Samik foto
2014-11-23 11:21 - 2010-01-04 14:54 - 00000190 _____ () C:\Users\RBJ\AppData\Roaming\varicad-work.ini
Files to move or delete:
====================
c:\program files\movies toolbar\datamngr\apcrtldr.dll
C:\Users\RBJ\EasyInfo.exe
C:\Users\RBJ\eauninstall.exe
C:\Users\RBJ\EReg.exe
C:\Users\RBJ\Uninstal.exe
Some content of TEMP:
====================
C:\Users\RBJ\AppData\Local\Temp\77zip.exe
C:\Users\RBJ\AppData\Local\Temp\AutoRun.exe
C:\Users\RBJ\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\RBJ\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\RBJ\AppData\Local\Temp\Delta.exe
C:\Users\RBJ\AppData\Local\Temp\DeltaTB.exe
C:\Users\RBJ\AppData\Local\Temp\drm_dyndata_7240009.dll
C:\Users\RBJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgo5tvu.dll
C:\Users\RBJ\AppData\Local\Temp\EASetup.exe
C:\Users\RBJ\AppData\Local\Temp\eauninstall.exe
C:\Users\RBJ\AppData\Local\Temp\First15.exe
C:\Users\RBJ\AppData\Local\Temp\GDFBinary.dll
C:\Users\RBJ\AppData\Local\Temp\i4jdel0.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel1.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel2.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel3.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel4.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel5.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel6.exe
C:\Users\RBJ\AppData\Local\Temp\icqsetup.exe
C:\Users\RBJ\AppData\Local\Temp\IcqUpdater.exe
C:\Users\RBJ\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\RBJ\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\RBJ\AppData\Local\Temp\KMP_3.2.0.0.exe
C:\Users\RBJ\AppData\Local\Temp\Merc2-Demo.exe
C:\Users\RBJ\AppData\Local\Temp\MybabylonTB.exe
C:\Users\RBJ\AppData\Local\Temp\rad4AE36.tmp_update.exe
C:\Users\RBJ\AppData\Local\Temp\Setup.FreeMake.Video.Downloader__8420_i1307668268_il6742.exe
C:\Users\RBJ\AppData\Local\Temp\Setup.Game.Downloader.3.9.3__8420_il64518.exe
C:\Users\RBJ\AppData\Local\Temp\SkypeSetup.exe
C:\Users\RBJ\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\RBJ\AppData\Local\Temp\Uninstall.exe
C:\Users\RBJ\AppData\Local\Temp\VP6Install.exe
C:\Users\RBJ\AppData\Local\Temp\VP6VFW.dll
C:\Users\RBJ\AppData\Local\Temp\WSSetup.exe
C:\Users\RBJ\AppData\Local\Temp\_isB8F3.exe
C:\Users\RBJ\AppData\Local\Temp\_isD142.exe
C:\Users\RBJ\AppData\Local\Temp\_isFE99.exe
C:\Users\RBJ\AppData\Local\Temp\~dl72CD.tmp.exe
C:\Users\RBJ\AppData\Local\Temp\~dlC994.exe
C:\Users\Samík\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Samík\AppData\Local\Temp\KMP_3.2.0.0.exe
C:\Users\Samík\AppData\Local\Temp\UnityWebPlayer6239057653078763341.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-23 10:25
==================== End Of Log ============================
Ran by RBJ (administrator) on RBJ-PC on 23-12-2014 10:30:38
Running from C:\Users\RBJ\Downloads
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Roman Svihalek, Advanced Software) C:\Windows\System32\asam\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
() C:\Windows\System32\asam\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-03-31] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-12-11] (Dell Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-11-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iLivid] => "C:\Users\RBJ\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Samík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\movies toolbar\datamngr\apcrtldr.dll [489472 2014-07-02] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VG0VZXP
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... XX5VG0VZXP
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Movies Toolbar (Dist. by Somoto Ltd.) -> {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -> C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: MinibarBHO -> {AA74D58F-ACD0-450D-A85E-6C04B171C044} -> C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll ()
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/ ... tion32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 20 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.24.128.8 82.119.240.3
Tcpip\..\Interfaces\{1E357D7D-8FAD-419C-98A0-87FC8960A498}: [NameServer] 91.187.32.2,77.48.100.254
FireFox:
========
FF ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... XX5VG0VZXP
FF DefaultSearchEngine: delta-homes
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox -> C:\Program Files\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-25.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.gif
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.src
FF SearchPlugin: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\istartsurf.xml
FF Extension: General Crawler - C:\Users\RBJ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-01-02]
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: Fast Start - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\faststartff@gmail.com [2014-09-14]
FF Extension: Babylon - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\ffxtlbr@babylon.com [2012-01-02]
FF Extension: TVU Web Player - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\firefox@tvunetworks.com [2011-07-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27]
FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2014-01-02]
FF Extension: ICQ Toolbar - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2014-11-23]
FF Extension: AppsHat - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2013-10-05]
FF Extension: Seznam lištička - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
FF Extension: Hulksearch - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi [2012-01-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-02]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts= ... XX5VG0VZXP
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSearchURL: Default -> http://search.delta-homes.com/web/?type ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Unity Player) - C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Profile: C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-08]
CHR Extension: (YouTube) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-07]
CHR Extension: (Vyhledávání Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-07]
CHR Extension: (avast! Online Security) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (AppsHat) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo [2013-10-05]
CHR Extension: (Peněženka Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-08-08]
CHR Extension: (Gmail) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-07]
CHR HKLM\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\RBJ\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [2013-08-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-09-21]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-23]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts= ... XX5VG0VZXP
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ActivityMon2; C:\Windows\system32\asam\svchost.exe [185856 2012-06-03] (Roman Svihalek, Advanced Software) [File not signed]
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [81920 2009-03-31] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-02] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-14] (Cherished Technololgy LIMITED)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-08] (O2Micro International)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2009-12-30] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-12-22] ()
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-09-02] (Absolute Software Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe [249938 2009-03-31] (IDT, Inc.)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-14] (Fuyu LIMITED) [File not signed]
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-12-11] (Dell Inc.) [File not signed]
S2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [X] <==== ATTENTION
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-11-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-11] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-09-19] (BlueStack Systems)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Movies Toolbar\Datamngr\setmgrc2.cfg [34168 2014-07-02] (Bandoo Media Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-08] (O2Micro )
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdg.sys [41760 2009-01-08] (O2Micro )
S3 PnkBstrK; C:\Windows\system32\drivers\PnkBstrK.sys [137464 2014-12-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-27] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-28] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-28] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-28] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-28] (Logitech Inc.)
U3 aroaef5c; C:\Windows\system32\Drivers\aroaef5c.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 10:29 - 2014-12-23 10:31 - 00037753 _____ () C:\Users\RBJ\Downloads\FRST.txt
2014-12-23 10:29 - 2014-12-23 10:30 - 00000000 ____D () C:\FRST
2014-12-23 10:28 - 2014-12-23 10:28 - 01114112 _____ (Farbar) C:\Users\RBJ\Downloads\FRST.exe
2014-12-23 10:17 - 2014-12-23 10:17 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\WinZipper
2014-12-23 10:17 - 2014-12-23 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
2014-12-21 16:35 - 2014-12-21 16:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-21 16:34 - 2014-12-21 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 16:34 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 16:34 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 16:34 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 16:34 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-21 16:33 - 2014-12-21 16:34 - 00004275 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:32 - 2014-12-21 15:39 - 1473748992 _____ () C:\Users\RBJ\Downloads\CoD4MWDemoSetup.exe
2014-12-21 10:33 - 2014-12-21 10:43 - 94264883 _____ () C:\Users\RBJ\Downloads\DanteLP-Hexxit+MC.rar
2014-12-21 10:17 - 2014-12-21 10:17 - 03170256 _____ () C:\Users\RBJ\Downloads\minecraft-1.7.10.exe.part
2014-12-20 13:17 - 2014-12-20 18:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-20 13:17 - 2014-12-20 13:17 - 00000000 ____D () C:\Users\RBJ\AppData\Local\UWebKit151
2014-12-20 13:16 - 2014-12-20 13:16 - 00000856 _____ () C:\Users\Public\Desktop\Shards of War.lnk
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Program Files\Shards of War
2014-12-20 13:13 - 2014-12-20 13:14 - 23533016 _____ (Bigpoint GmbH ) C:\Users\RBJ\Downloads\ShardsOfWarSetup.exe
2014-12-20 11:57 - 2014-12-20 12:02 - 45503086 _____ () C:\Users\RBJ\Downloads\Minecraft-1.5.2-Hexxit.zip
2014-12-20 10:45 - 2014-12-20 11:14 - 475774532 _____ () C:\Users\RBJ\Downloads\čeština-call-of-duty-5.zip
2014-12-19 18:27 - 2014-12-19 19:21 - 1006315632 _____ () C:\Users\RBJ\Downloads\arma-2-free_1.0.zip
2014-12-17 17:15 - 2014-12-17 17:15 - 00011324 _____ () C:\Users\RBJ\Downloads\Sleeping_Beauty.torrent
2014-12-17 17:14 - 2014-12-17 17:14 - 00072852 _____ () C:\Users\RBJ\Downloads\Sleeping-Dogs-Definitive-Edition-PC-full-game-^^nosTEAM^^.torrent
2014-12-07 18:29 - 2014-12-07 18:29 - 00463724 _____ () C:\Users\RBJ\Downloads\minecraft-1-7-3-plna-hra-zdarma.zip
2014-12-07 18:24 - 2014-12-21 10:20 - 06830478 _____ (MINECRAFT ) C:\Users\RBJ\Downloads\MINECRAFT-1-7-2-plna-hra-zdarma.exe.part
2014-12-07 17:42 - 2014-12-07 17:42 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.10.exe
2014-12-07 17:25 - 2014-12-07 17:25 - 00263186 _____ () C:\Users\RBJ\Downloads\Minecraft(7).exe
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\Program Files\Goat Simulator
2014-12-07 14:06 - 2014-12-07 15:14 - 640813276 _____ () C:\Users\RBJ\Downloads\Goat-Simulator-Pikachu92.rar
2014-12-07 14:05 - 2014-12-07 14:05 - 00030085 _____ () C:\Users\RBJ\Downloads\Goat.Simulator.2014-RELOADED.rar
2014-12-05 20:27 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files\WarThunder
2014-12-05 20:27 - 2014-12-05 20:27 - 00001642 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-05 20:27 - 2014-12-05 20:27 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-05 20:26 - 2014-12-05 20:27 - 04708944 _____ (Gaijin Entertainment ) C:\Users\RBJ\Downloads\wt_launcher_1.0.1.465.exe
2014-11-27 16:44 - 2014-11-27 16:44 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.9.exe
2014-11-27 16:28 - 2014-11-27 16:28 - 00044681 _____ () C:\Users\RBJ\Downloads\Team-Fortress-2-Hack.rar
2014-11-26 19:29 - 2014-11-26 19:29 - 01142392 _____ () C:\Users\RBJ\Downloads\SteamSetup.exe
2014-11-26 19:29 - 2014-11-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 17:39 - 2014-11-26 17:39 - 04508416 _____ () C:\Users\RBJ\Downloads\serviceCar.zip
2014-11-25 19:46 - 2014-11-25 19:46 - 04746336 _____ (GIANTS Software GmbH) C:\Users\RBJ\Downloads\atv.exe
2014-11-25 19:33 - 2014-11-25 19:42 - 212871024 _____ (GIANTS Software ) C:\Users\RBJ\Downloads\FarmingSimulator2015Patch1.1.0.1CZ.exe
2014-11-25 19:06 - 2014-11-25 19:06 - 00000970 _____ () C:\Users\RBJ\Desktop\Farming Simulator 2013 .lnk
2014-11-25 19:06 - 2014-11-25 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2014-11-25 19:03 - 2014-11-25 19:06 - 00000000 ____D () C:\Program Files\Farming Simulator 2013
2014-11-25 18:55 - 2014-11-26 19:55 - 00000000 ____D () C:\Users\RBJ\Desktop\Nová složka
2014-11-25 17:22 - 2014-11-25 17:22 - 00000266 _____ () C:\Users\RBJ\Downloads\Call-of-Duty-Modern-Warfare-3-crack.zip
2014-11-23 17:45 - 2014-11-23 18:42 - 1614121603 _____ () C:\Users\RBJ\Downloads\Farming-Simulator-2013--cz.rar
2014-11-23 12:28 - 2014-11-23 12:28 - 00001571 _____ () C:\Users\Public\Desktop\ICQ7.5.lnk
2014-11-23 12:28 - 2014-11-23 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
2014-11-23 12:27 - 2014-11-27 16:12 - 00000000 ____D () C:\Program Files\ICQ7.5
2014-11-23 12:25 - 2014-11-23 12:26 - 13080792 _____ (ICQ) C:\Users\RBJ\Downloads\icq_7.5.exe
2014-11-23 12:15 - 2014-11-23 12:15 - 00000000 ____D () C:\Users\RBJ\voip
2014-11-23 12:09 - 2014-11-23 12:26 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-11-23 11:12 - 2014-11-23 11:51 - 38111011 _____ () C:\Users\RBJ\Downloads\install_icq8.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 10:26 - 2013-07-20 08:01 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Seznam.cz
2014-12-23 10:23 - 2009-10-11 02:00 - 01925707 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 10:22 - 2011-10-31 16:58 - 00150979 _____ () C:\ProgramData\nvModes.001
2014-12-23 10:19 - 2013-09-07 07:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 10:19 - 2011-10-31 16:51 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-12-23 10:19 - 2011-10-31 16:41 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-12-23 10:19 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 10:19 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:19 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:17 - 2013-09-07 07:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 10:17 - 2011-10-31 16:57 - 00150979 _____ () C:\ProgramData\nvModes.dat
2014-12-23 10:16 - 2014-10-27 15:13 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 10:16 - 2014-10-27 15:13 - 00001012 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 10:15 - 2014-07-09 19:53 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job
2014-12-23 10:15 - 2014-07-09 19:53 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job
2014-12-23 10:15 - 2013-11-07 18:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 18:16 - 2009-10-26 20:18 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-22 18:15 - 2009-12-30 12:12 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-22 18:15 - 2009-10-26 20:18 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-21 16:34 - 2009-10-11 07:16 - 00000000 ____D () C:\Program Files\Java
2014-12-21 16:31 - 2012-11-28 17:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-21 16:31 - 2011-05-25 17:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-21 16:31 - 2009-10-30 22:47 - 00000000 ____D () C:\Users\RBJ\AppData\Local\Adobe
2014-12-21 16:27 - 2012-10-13 19:10 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Skype
2014-12-21 16:27 - 2010-02-18 17:26 - 00000000 ____D () C:\Windows\system32\Adobe
2014-12-21 13:45 - 2013-12-19 17:03 - 00003252 _____ () C:\Windows\setupact.log
2014-12-21 11:05 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Steam
2014-12-19 20:49 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-07 15:19 - 2012-03-07 16:11 - 00000000 ____D () C:\Users\RBJ\Documents\My Games
2014-12-07 14:29 - 2013-05-23 17:59 - 00000000 ____D () C:\Users\RBJ\Desktop\Minecraft
2014-12-06 07:58 - 2014-03-07 10:15 - 00000000 ____D () C:\Users\RBJ\Documents\Euro Truck Simulator 2
2014-12-05 18:42 - 2008-01-21 07:14 - 01523830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 20:30 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 20:29 - 2009-10-11 02:01 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-11-27 16:13 - 2009-10-25 16:19 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\ICQ
2014-11-23 12:28 - 2010-07-03 12:35 - 00000000 ____D () C:\Program Files\ICQ6Toolbar
2014-11-23 12:28 - 2009-10-11 07:16 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-23 12:15 - 2009-10-22 18:28 - 00000000 ____D () C:\Users\RBJ
2014-11-23 11:45 - 2009-12-27 18:06 - 00008268 _____ () C:\Users\RBJ\AppData\Local\d3d9caps.dat
2014-11-23 11:24 - 2009-11-30 21:25 - 00000000 ____D () C:\Users\RBJ\Desktop\Samik foto
2014-11-23 11:21 - 2010-01-04 14:54 - 00000190 _____ () C:\Users\RBJ\AppData\Roaming\varicad-work.ini
Files to move or delete:
====================
c:\program files\movies toolbar\datamngr\apcrtldr.dll
C:\Users\RBJ\EasyInfo.exe
C:\Users\RBJ\eauninstall.exe
C:\Users\RBJ\EReg.exe
C:\Users\RBJ\Uninstal.exe
Some content of TEMP:
====================
C:\Users\RBJ\AppData\Local\Temp\77zip.exe
C:\Users\RBJ\AppData\Local\Temp\AutoRun.exe
C:\Users\RBJ\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\RBJ\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\RBJ\AppData\Local\Temp\Delta.exe
C:\Users\RBJ\AppData\Local\Temp\DeltaTB.exe
C:\Users\RBJ\AppData\Local\Temp\drm_dyndata_7240009.dll
C:\Users\RBJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgo5tvu.dll
C:\Users\RBJ\AppData\Local\Temp\EASetup.exe
C:\Users\RBJ\AppData\Local\Temp\eauninstall.exe
C:\Users\RBJ\AppData\Local\Temp\First15.exe
C:\Users\RBJ\AppData\Local\Temp\GDFBinary.dll
C:\Users\RBJ\AppData\Local\Temp\i4jdel0.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel1.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel2.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel3.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel4.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel5.exe
C:\Users\RBJ\AppData\Local\Temp\i4jdel6.exe
C:\Users\RBJ\AppData\Local\Temp\icqsetup.exe
C:\Users\RBJ\AppData\Local\Temp\IcqUpdater.exe
C:\Users\RBJ\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\RBJ\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\RBJ\AppData\Local\Temp\KMP_3.2.0.0.exe
C:\Users\RBJ\AppData\Local\Temp\Merc2-Demo.exe
C:\Users\RBJ\AppData\Local\Temp\MybabylonTB.exe
C:\Users\RBJ\AppData\Local\Temp\rad4AE36.tmp_update.exe
C:\Users\RBJ\AppData\Local\Temp\Setup.FreeMake.Video.Downloader__8420_i1307668268_il6742.exe
C:\Users\RBJ\AppData\Local\Temp\Setup.Game.Downloader.3.9.3__8420_il64518.exe
C:\Users\RBJ\AppData\Local\Temp\SkypeSetup.exe
C:\Users\RBJ\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\RBJ\AppData\Local\Temp\Uninstall.exe
C:\Users\RBJ\AppData\Local\Temp\VP6Install.exe
C:\Users\RBJ\AppData\Local\Temp\VP6VFW.dll
C:\Users\RBJ\AppData\Local\Temp\WSSetup.exe
C:\Users\RBJ\AppData\Local\Temp\_isB8F3.exe
C:\Users\RBJ\AppData\Local\Temp\_isD142.exe
C:\Users\RBJ\AppData\Local\Temp\_isFE99.exe
C:\Users\RBJ\AppData\Local\Temp\~dl72CD.tmp.exe
C:\Users\RBJ\AppData\Local\Temp\~dlC994.exe
C:\Users\Samík\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Samík\AppData\Local\Temp\KMP_3.2.0.0.exe
C:\Users\Samík\AppData\Local\Temp\UnityWebPlayer6239057653078763341.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-23 10:25
==================== End Of Log ============================
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
# AdwCleaner v4.106 - Report created 23/12/2014 at 12:27:11
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : RBJ - RBJ-PC
# Running from : C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : winzipersvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\Minibar
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Users\RBJ\AppData\Local\Temp\WinZipper
Folder Deleted : C:\Users\Katka\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\Katka\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Katka\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Katka\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\RBJ\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\RBJ\AppData\Local\iMesh
Folder Deleted : C:\Users\RBJ\AppData\Local\Minibar
Folder Deleted : C:\Users\RBJ\AppData\Local\PackageAware
Folder Deleted : C:\Users\RBJ\AppData\Local\somotomoviestoolbar1
Folder Deleted : C:\Users\RBJ\AppData\Local\webplayer
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Babylon
Folder Deleted : C:\Users\RBJ\AppData\Roaming\istartsurf
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Movies Toolbar
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\RBJ\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\RBJ\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\RBJ\Documents\iMesh
Folder Deleted : C:\Users\Samík\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Samík\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Samík\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\Samík\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Samík\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Samík\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\RBJ\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.src
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\istartsurf.xml
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle\SweeetPlayer bundle.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3444C3C5-6C56-4A16-A453-832B05BF6EA4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\somotomoviestoolbar1
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\VIS
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\somotomoviestoolbar1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1IE
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\istartsurf uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1CR
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1IE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16457
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v33.0.2 (x86 cs)
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... XX5VG0VZXP");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "delta-homes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "detgdp%40gmail.com:1.0.0,gencrawler%40some.com:2.0,wrc%40avast.com:9.0.2021.112,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.gencrawler@some.com.install-event-fired", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.hatterPEligible", "false");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k1", "3");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k2", "0");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k3", "1416734406690");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k4", "0");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1416735474064");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1407952393895");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.weather.location", "10001");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE", "[{\"b\":220474668,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220474669,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.firstKnownVersion", "5.75.3.8617");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?n=780baab4&p2=^HJ^xpi000^YYA^");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2014030516");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xpi000^YYA^");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.isCompliantUninstallImplementation", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastKnownVersion", "5.75.3.8617");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.partnerPixelFired", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.defSearchChange", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1416328102);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "icqhexyt%20minecrafthexytyhxxp%3A%2F%2Fwww.8581.com%2Fcs%2FOVLADANI%20NA%20COMBAT%20EXTREM%20-%203D%20SHOTEbrazilgame%20parkSEZNAMpixwordsfacebook[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hpChange", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1343315485");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installsource", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "33.0.2");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "127814484812781448481278160919075");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1416679170);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userEngineApproved", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Google Chrome v39.0.2171.95
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=400&systemid=406&v=a13251-215&apn_uid=4324115422514662&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410 ... earchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410 ... earchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419326174&from=wpm12233&uid=ST9250410ASG_5VG0VZXPXXXX5VG0VZXP&q={searchTerms}
*************************
AdwCleaner[R0].txt - [37670 octets] - [23/12/2014 11:58:39]
AdwCleaner[S0].txt - [36081 octets] - [23/12/2014 12:27:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [36142 octets] ##########
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : RBJ - RBJ-PC
# Running from : C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : winzipersvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\Minibar
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Users\RBJ\AppData\Local\Temp\WinZipper
Folder Deleted : C:\Users\Katka\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\Katka\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Katka\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Katka\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\RBJ\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\RBJ\AppData\Local\iMesh
Folder Deleted : C:\Users\RBJ\AppData\Local\Minibar
Folder Deleted : C:\Users\RBJ\AppData\Local\PackageAware
Folder Deleted : C:\Users\RBJ\AppData\Local\somotomoviestoolbar1
Folder Deleted : C:\Users\RBJ\AppData\Local\webplayer
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\RBJ\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Babylon
Folder Deleted : C:\Users\RBJ\AppData\Roaming\istartsurf
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Movies Toolbar
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\RBJ\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\RBJ\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\RBJ\Documents\iMesh
Folder Deleted : C:\Users\Samík\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Samík\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Samík\AppData\LocalLow\somotomoviestoolbar1
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\Samík\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Samík\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Samík\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\RBJ\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.src
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\istartsurf.xml
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle\SweeetPlayer bundle.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\RBJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3444C3C5-6C56-4A16-A453-832B05BF6EA4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\somotomoviestoolbar1
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\VIS
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\somotomoviestoolbar1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1IE
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\istartsurf uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1CR
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1IE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16457
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v33.0.2 (x86 cs)
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[9qdal2wi.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... XX5VG0VZXP");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "delta-homes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "detgdp%40gmail.com:1.0.0,gencrawler%40some.com:2.0,wrc%40avast.com:9.0.2021.112,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.gencrawler@some.com.install-event-fired", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.hatterPEligible", "false");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k1", "3");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k2", "0");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k3", "1416734406690");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k4", "0");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1416735474064");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1407952393895");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.weather.location", "10001");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE", "[{\"b\":220474668,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220474669,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.firstKnownVersion", "5.75.3.8617");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?n=780baab4&p2=^HJ^xpi000^YYA^");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2014030516");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xpi000^YYA^");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.isCompliantUninstallImplementation", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastKnownVersion", "5.75.3.8617");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.partnerPixelFired", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.defSearchChange", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1416328102);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "icqhexyt%20minecrafthexytyhxxp%3A%2F%2Fwww.8581.com%2Fcs%2FOVLADANI%20NA%20COMBAT%20EXTREM%20-%203D%20SHOTEbrazilgame%20parkSEZNAMpixwordsfacebook[...]
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hpChange", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1343315485");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installsource", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "33.0.2");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "127814484812781448481278160919075");
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1416679170);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userEngineApproved", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[qkhuqvuj.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[7eq9j0kc.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Google Chrome v39.0.2171.95
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=400&systemid=406&v=a13251-215&apn_uid=4324115422514662&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410 ... earchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410 ... earchTerms}
[C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419326174&from=wpm12233&uid=ST9250410ASG_5VG0VZXPXXXX5VG0VZXP&q={searchTerms}
*************************
AdwCleaner[R0].txt - [37670 octets] - [23/12/2014 11:58:39]
AdwCleaner[S0].txt - [36081 octets] - [23/12/2014 12:27:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [36142 octets] ##########
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Pokracujte Zoek-em
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
stáhnul jsem postupně všechny tři soubory zoek, ale stahování vždy selže a přeruší se spojení, fungoval jen exe soubor, přikterém mi vyběhne dole hláška viz obr. poté jsem zoek spustil, ale log mi nedal ani po restartu, nevím nějak se mi to nezdá.. 
- zoekerror.jpg (12.91 KiB) Zobrazeno 3151 x
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Dejte tedy novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Tak jsem to zkusil jeste pres flashku a stopnul avast, tak se to asi podařilo, tady je log ze zoek..
Zoek.exe v5.0.0.0 Updated 23-12-2014
Tool run by RBJ on Łt 23.12.2014 at 21:27:20,02.
Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\RBJ\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-12-23-194507.log 27270 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
user.js not found
---- Lines kango removed from prefs.js ----
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"detgdp@gmail.com"="C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com" [23.12.2014 10:16]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - detgdp@gmail.com
- Undetermined - wrc@avast.com
- Security Protection - %ProfilePath%\extensions\detgdp@gmail.com
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Hulksearch - %ProfilePath%\extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi
ProfilePath: C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
ProfilePath: C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
1959AF26718C63AA015D7C4F5C1F538B - C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll - Shockwave for Director / Shockwave for Director
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
06DBB13F22F34314D8FB57D1139EBB67 - C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
3CD19649B2C3023D65E67C056457A2BC - C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
8E151A2A185DAF9852322028ABE55534 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll - Silverlight Plug-In
8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\Windows\system32\TVUAx\npTVUAx.dll - TVU Web Player for FireFox
683E6C0D2DE6B09E173B193D6B8D1CB1 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5
E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5
CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5
A60B3186F98F589E4F8001A4C720702A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5
EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5
840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5
DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
8B93EF56BEF58F2EB6B6D92B57715131 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrlui.dll - Microsoft (R) Silverlight
==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02.10.2014 18:40]
avast WebRep - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Seznam Lištička - Email - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Seznam Lištička - Rychlá volba - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
avast WebRep - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Chrome In-App Payments service - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\SAMK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\SAMK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Katka\AppData\Local\Mozilla\Firefox\Profiles\9qdal2wi.default\Cache emptied successfully
C:\Users\RBJ\AppData\Local\Mozilla\Firefox\Profiles\qkhuqvuj.default\cache2 emptied successfully
C:\Users\SAMK~1\AppData\Local\Mozilla\Firefox\Profiles\7eq9j0kc.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=82 folders=22 9662819 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Katka\AppData\Local\Temp emptied successfully
C:\Users\RBJ\AppData\Local\Temp will be emptied at reboot
C:\Users\SAMK~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RBJ\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on Łt 23.12.2014 at 21:59:02,24 ======================
Zoek.exe v5.0.0.0 Updated 23-12-2014
Tool run by RBJ on Łt 23.12.2014 at 21:27:20,02.
Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\RBJ\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-12-23-194507.log 27270 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
user.js not found
---- Lines kango removed from prefs.js ----
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
ProfilePath: C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_23.12.2014_2143_.backup
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"detgdp@gmail.com"="C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com" [23.12.2014 10:16]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\9qdal2wi.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - detgdp@gmail.com
- Undetermined - wrc@avast.com
- Security Protection - %ProfilePath%\extensions\detgdp@gmail.com
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Hulksearch - %ProfilePath%\extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi
ProfilePath: C:\Users\RBJ\AppData\Roaming\TomTom\HOME\Profiles\xdulofnu.default
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
ProfilePath: C:\Users\SAMK~1\AppData\Roaming\Mozilla\Firefox\Profiles\7eq9j0kc.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
1959AF26718C63AA015D7C4F5C1F538B - C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll - Shockwave for Director / Shockwave for Director
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
06DBB13F22F34314D8FB57D1139EBB67 - C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
3CD19649B2C3023D65E67C056457A2BC - C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
8E151A2A185DAF9852322028ABE55534 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll - Silverlight Plug-In
8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\Windows\system32\TVUAx\npTVUAx.dll - TVU Web Player for FireFox
683E6C0D2DE6B09E173B193D6B8D1CB1 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5
E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5
CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5
A60B3186F98F589E4F8001A4C720702A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5
EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5
840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5
DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
8B93EF56BEF58F2EB6B6D92B57715131 - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrlui.dll - Microsoft (R) Silverlight
==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02.10.2014 18:40]
avast WebRep - Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Seznam Lištička - Email - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Seznam Lištička - Rychlá volba - RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
avast WebRep - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Chrome In-App Payments service - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba - SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\SAMK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\SAMK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Katka\AppData\Local\Mozilla\Firefox\Profiles\9qdal2wi.default\Cache emptied successfully
C:\Users\RBJ\AppData\Local\Mozilla\Firefox\Profiles\qkhuqvuj.default\cache2 emptied successfully
C:\Users\SAMK~1\AppData\Local\Mozilla\Firefox\Profiles\7eq9j0kc.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\SAMK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=82 folders=22 9662819 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Katka\AppData\Local\Temp emptied successfully
C:\Users\RBJ\AppData\Local\Temp will be emptied at reboot
C:\Users\SAMK~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RBJ\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\RBJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on Łt 23.12.2014 at 21:59:02,24 ======================
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Ten Avast nam tam delal zrejme neplechu 
Nyni dejte novy log z FRST
Nyni dejte novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Dobrý den,
v první řadě přeji veselé Vánoce a bohatého Ježíška a děkuji...
tady je log..
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2014
Ran by RBJ (administrator) on RBJ-PC on 24-12-2014 08:06:46
Running from C:\Users\RBJ\Desktop
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Roman Svihalek, Advanced Software) C:\Windows\System32\asam\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
() C:\Windows\System32\asam\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-03-31] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-12-11] (Dell Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-11-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Samík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/ ... tion32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 212.24.128.8 82.119.240.3
Tcpip\..\Interfaces\{1E357D7D-8FAD-419C-98A0-87FC8960A498}: [NameServer] 91.187.32.2,77.48.100.254
FireFox:
========
FF ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox -> C:\Program Files\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: TVU Web Player - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\firefox@tvunetworks.com [2011-07-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27]
FF Extension: Hulksearch - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi [2012-01-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-02]
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com
FF Extension: No Name - wrc@avast.com [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23]
CHR Extension: (Dokumenty Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23]
CHR Extension: (Disk Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23]
CHR Extension: (Seznam Lištička - Email) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-08]
CHR Extension: (YouTube) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-07]
CHR Extension: (Vyhledávání Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-07]
CHR Extension: (Tabulky Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23]
CHR Extension: (Avast Online Security) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (Peněženka Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-08-08]
CHR Extension: (Gmail) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-07]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ActivityMon2; C:\Windows\system32\asam\svchost.exe [185856 2012-06-03] (Roman Svihalek, Advanced Software) [File not signed]
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [81920 2009-03-31] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-02] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-08] (O2Micro International)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2009-12-30] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-12-23] ()
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-09-02] (Absolute Software Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe [249938 2009-03-31] (IDT, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-12-11] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-11-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-11] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-09-19] (BlueStack Systems)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-08] (O2Micro )
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdg.sys [41760 2009-01-08] (O2Micro )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-27] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-28] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-28] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-28] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-28] (Logitech Inc.)
U3 ax6e4xvd; C:\Windows\system32\Drivers\ax6e4xvd.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 08:06 - 2014-12-24 08:07 - 00021530 _____ () C:\Users\RBJ\Desktop\FRST.txt
2014-12-24 08:06 - 2014-12-24 08:06 - 00000000 ____D () C:\FRST
2014-12-24 08:05 - 2014-12-24 08:05 - 01114112 _____ (Farbar) C:\Users\RBJ\Desktop\FRST.exe
2014-12-24 08:05 - 2014-12-24 08:05 - 00112640 _____ (forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
2014-12-23 21:46 - 2014-12-23 21:27 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-23 21:28 - 2014-12-23 20:45 - 00027270 _____ () C:\zoek-results2014-12-23-194507.log
2014-12-23 20:56 - 2014-12-23 20:56 - 01295360 _____ () C:\Users\RBJ\Downloads\zoek.exe
2014-12-23 20:51 - 2014-12-23 21:26 - 04134156 _____ () C:\Users\RBJ\Downloads\zoek.zip
2014-12-23 20:49 - 2014-12-23 21:22 - 01295360 _____ () C:\Users\RBJ\Desktop\zoek.exe
2014-12-23 19:16 - 2014-12-23 21:59 - 00000000 ____D () C:\zoek
2014-12-23 19:00 - 2014-12-23 21:59 - 00017790 _____ () C:\zoek-results.log
2014-12-23 18:54 - 2014-12-23 20:51 - 04278341 _____ () C:\Users\RBJ\Downloads\zoek.rar.part
2014-12-23 18:52 - 2014-12-23 21:43 - 00000000 ____D () C:\zoek_backup
2014-12-23 11:58 - 2014-12-23 12:28 - 00000000 ____D () C:\AdwCleaner
2014-12-23 11:57 - 2014-12-23 11:57 - 02173952 _____ () C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
2014-12-23 10:31 - 2014-12-23 10:31 - 00040782 _____ () C:\Users\RBJ\Downloads\Addition.txt
2014-12-21 16:35 - 2014-12-21 16:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-21 16:34 - 2014-12-21 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 16:34 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 16:34 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 16:34 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 16:34 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-21 16:33 - 2014-12-21 16:34 - 00004275 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:32 - 2014-12-21 15:39 - 1473748992 _____ () C:\Users\RBJ\Downloads\CoD4MWDemoSetup.exe
2014-12-21 10:33 - 2014-12-21 10:43 - 94264883 _____ () C:\Users\RBJ\Downloads\DanteLP-Hexxit+MC.rar
2014-12-21 10:17 - 2014-12-21 10:17 - 03170256 _____ () C:\Users\RBJ\Downloads\minecraft-1.7.10.exe.part
2014-12-20 13:17 - 2014-12-20 13:17 - 00000000 ____D () C:\Users\RBJ\AppData\Local\UWebKit151
2014-12-20 13:16 - 2014-12-20 13:16 - 00000856 _____ () C:\Users\Public\Desktop\Shards of War.lnk
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Program Files\Shards of War
2014-12-20 13:13 - 2014-12-20 13:14 - 23533016 _____ (Bigpoint GmbH ) C:\Users\RBJ\Downloads\ShardsOfWarSetup.exe
2014-12-20 11:57 - 2014-12-20 12:02 - 45503086 _____ () C:\Users\RBJ\Downloads\Minecraft-1.5.2-Hexxit.zip
2014-12-20 10:45 - 2014-12-20 11:14 - 475774532 _____ () C:\Users\RBJ\Downloads\čeština-call-of-duty-5.zip
2014-12-19 18:27 - 2014-12-19 19:21 - 1006315632 _____ () C:\Users\RBJ\Downloads\arma-2-free_1.0.zip
2014-12-17 17:15 - 2014-12-17 17:15 - 00011324 _____ () C:\Users\RBJ\Downloads\Sleeping_Beauty.torrent
2014-12-17 17:14 - 2014-12-17 17:14 - 00072852 _____ () C:\Users\RBJ\Downloads\Sleeping-Dogs-Definitive-Edition-PC-full-game-^^nosTEAM^^.torrent
2014-12-07 18:29 - 2014-12-07 18:29 - 00463724 _____ () C:\Users\RBJ\Downloads\minecraft-1-7-3-plna-hra-zdarma.zip
2014-12-07 18:24 - 2014-12-21 10:20 - 06830478 _____ (MINECRAFT ) C:\Users\RBJ\Downloads\MINECRAFT-1-7-2-plna-hra-zdarma.exe.part
2014-12-07 17:42 - 2014-12-07 17:42 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.10.exe
2014-12-07 17:25 - 2014-12-07 17:25 - 00263186 _____ () C:\Users\RBJ\Downloads\Minecraft(7).exe
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\Program Files\Goat Simulator
2014-12-07 14:06 - 2014-12-07 15:14 - 640813276 _____ () C:\Users\RBJ\Downloads\Goat-Simulator-Pikachu92.rar
2014-12-07 14:05 - 2014-12-07 14:05 - 00030085 _____ () C:\Users\RBJ\Downloads\Goat.Simulator.2014-RELOADED.rar
2014-12-05 20:27 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files\WarThunder
2014-12-05 20:27 - 2014-12-05 20:27 - 00001642 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-05 20:27 - 2014-12-05 20:27 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-05 20:26 - 2014-12-05 20:27 - 04708944 _____ (Gaijin Entertainment ) C:\Users\RBJ\Downloads\wt_launcher_1.0.1.465.exe
2014-11-27 16:44 - 2014-11-27 16:44 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.9.exe
2014-11-27 16:28 - 2014-11-27 16:28 - 00044681 _____ () C:\Users\RBJ\Downloads\Team-Fortress-2-Hack.rar
2014-11-26 19:29 - 2014-11-26 19:29 - 01142392 _____ () C:\Users\RBJ\Downloads\SteamSetup.exe
2014-11-26 19:29 - 2014-11-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 17:39 - 2014-11-26 17:39 - 04508416 _____ () C:\Users\RBJ\Downloads\serviceCar.zip
2014-11-25 19:46 - 2014-11-25 19:46 - 04746336 _____ (GIANTS Software GmbH) C:\Users\RBJ\Downloads\atv.exe
2014-11-25 19:33 - 2014-11-25 19:42 - 212871024 _____ (GIANTS Software ) C:\Users\RBJ\Downloads\FarmingSimulator2015Patch1.1.0.1CZ.exe
2014-11-25 19:06 - 2014-11-25 19:06 - 00000970 _____ () C:\Users\RBJ\Desktop\Farming Simulator 2013 .lnk
2014-11-25 19:06 - 2014-11-25 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2014-11-25 19:03 - 2014-11-25 19:06 - 00000000 ____D () C:\Program Files\Farming Simulator 2013
2014-11-25 18:55 - 2014-11-26 19:55 - 00000000 ____D () C:\Users\RBJ\Desktop\Nová složka
2014-11-25 17:22 - 2014-11-25 17:22 - 00000266 _____ () C:\Users\RBJ\Downloads\Call-of-Duty-Modern-Warfare-3-crack.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 08:00 - 2011-10-31 16:58 - 00150979 _____ () C:\ProgramData\nvModes.001
2014-12-24 08:00 - 2011-10-31 16:57 - 00150979 _____ () C:\ProgramData\nvModes.dat
2014-12-24 07:58 - 2013-11-07 18:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-24 07:58 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-24 07:58 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-24 07:53 - 2013-09-07 07:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 05:27 - 2014-07-09 19:53 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job
2014-12-23 22:07 - 2009-10-11 02:00 - 02044327 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 22:04 - 2013-07-20 08:01 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Seznam.cz
2014-12-23 22:00 - 2012-10-13 19:10 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Skype
2014-12-23 21:59 - 2013-09-07 07:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 21:58 - 2013-11-18 18:13 - 00177422 _____ () C:\Windows\PFRO.log
2014-12-23 21:58 - 2011-10-31 16:51 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-12-23 21:58 - 2011-10-31 16:41 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-12-23 21:58 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 21:57 - 2009-10-11 02:01 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-12-23 21:57 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-23 21:16 - 2009-12-30 12:12 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-23 21:16 - 2009-10-26 20:18 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-23 21:16 - 2009-10-26 20:18 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-23 20:47 - 2009-10-25 16:19 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\ICQ
2014-12-23 20:43 - 2012-12-20 17:12 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-23 20:43 - 2010-11-04 17:43 - 00000008 __RSH () C:\Users\RBJ\ntuser.pol
2014-12-23 20:43 - 2009-10-22 18:28 - 00000000 ____D () C:\Users\RBJ
2014-12-23 20:27 - 2014-07-09 19:53 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job
2014-12-23 19:17 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-23 12:28 - 2014-10-27 15:13 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 12:28 - 2014-10-27 15:13 - 00000808 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 12:28 - 2014-06-08 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
2014-12-23 12:28 - 2013-09-07 07:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-23 12:28 - 2009-10-22 18:29 - 00000919 _____ () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-21 16:34 - 2009-10-11 07:16 - 00000000 ____D () C:\Program Files\Java
2014-12-21 16:31 - 2012-11-28 17:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-21 16:31 - 2011-05-25 17:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-21 16:31 - 2009-10-30 22:47 - 00000000 ____D () C:\Users\RBJ\AppData\Local\Adobe
2014-12-21 16:27 - 2010-02-18 17:26 - 00000000 ____D () C:\Windows\system32\Adobe
2014-12-21 13:45 - 2013-12-19 17:03 - 00003252 _____ () C:\Windows\setupact.log
2014-12-21 11:05 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Steam
2014-12-19 20:49 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-07 15:19 - 2012-03-07 16:11 - 00000000 ____D () C:\Users\RBJ\Documents\My Games
2014-12-07 14:29 - 2013-05-23 17:59 - 00000000 ____D () C:\Users\RBJ\Desktop\Minecraft
2014-12-06 07:58 - 2014-03-07 10:15 - 00000000 ____D () C:\Users\RBJ\Documents\Euro Truck Simulator 2
2014-12-05 18:42 - 2008-01-21 07:14 - 01523830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-27 16:12 - 2014-11-23 12:27 - 00000000 ____D () C:\Program Files\ICQ7.5
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-23 22:07
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:30.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.54 GB) NTFS
Available physical RAM: 881 MB
Total physical RAM: 2042.22 MB
Percentage of memory in use: 56%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9559FF61)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\RBJ\Desktop" je 33455 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
v první řadě přeji veselé Vánoce a bohatého Ježíška a děkuji...
tady je log..
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2014
Ran by RBJ (administrator) on RBJ-PC on 24-12-2014 08:06:46
Running from C:\Users\RBJ\Desktop
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Roman Svihalek, Advanced Software) C:\Windows\System32\asam\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
() C:\Windows\System32\asam\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-03-31] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-12-11] (Dell Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-11-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Samík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/ ... tion32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 212.24.128.8 82.119.240.3
Tcpip\..\Interfaces\{1E357D7D-8FAD-419C-98A0-87FC8960A498}: [NameServer] 91.187.32.2,77.48.100.254
FireFox:
========
FF ProfilePath: C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @live.heroesandgenerals.com/npretox -> C:\Program Files\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2635682205-992849683-4104728822-1000: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: TVU Web Player - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\firefox@tvunetworks.com [2011-07-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27]
FF Extension: Hulksearch - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\{6dfff1b3-5c82-4a33-91e2-65f51c0d090e}.xpi [2012-01-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-02]
FF HKLM\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\extensions\detgdp@gmail.com
FF Extension: No Name - wrc@avast.com [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23]
CHR Extension: (Dokumenty Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23]
CHR Extension: (Disk Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23]
CHR Extension: (Seznam Lištička - Email) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-08]
CHR Extension: (YouTube) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-07]
CHR Extension: (Vyhledávání Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-07]
CHR Extension: (Tabulky Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23]
CHR Extension: (Avast Online Security) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (Peněženka Google) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-08-08]
CHR Extension: (Gmail) - C:\Users\RBJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-07]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ActivityMon2; C:\Windows\system32\asam\svchost.exe [185856 2012-06-03] (Roman Svihalek, Advanced Software) [File not signed]
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe [81920 2009-03-31] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-02] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-08] (O2Micro International)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2009-12-30] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [214520 2014-12-23] ()
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-09-02] (Absolute Software Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe [249938 2009-03-31] (IDT, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-12-11] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-11-14] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-11] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-09-19] (BlueStack Systems)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-08] (O2Micro )
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdg.sys [41760 2009-01-08] (O2Micro )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-27] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-28] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-28] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-28] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-28] (Logitech Inc.)
U3 ax6e4xvd; C:\Windows\system32\Drivers\ax6e4xvd.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 08:06 - 2014-12-24 08:07 - 00021530 _____ () C:\Users\RBJ\Desktop\FRST.txt
2014-12-24 08:06 - 2014-12-24 08:06 - 00000000 ____D () C:\FRST
2014-12-24 08:05 - 2014-12-24 08:05 - 01114112 _____ (Farbar) C:\Users\RBJ\Desktop\FRST.exe
2014-12-24 08:05 - 2014-12-24 08:05 - 00112640 _____ (forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
2014-12-23 21:46 - 2014-12-23 21:27 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-23 21:28 - 2014-12-23 20:45 - 00027270 _____ () C:\zoek-results2014-12-23-194507.log
2014-12-23 20:56 - 2014-12-23 20:56 - 01295360 _____ () C:\Users\RBJ\Downloads\zoek.exe
2014-12-23 20:51 - 2014-12-23 21:26 - 04134156 _____ () C:\Users\RBJ\Downloads\zoek.zip
2014-12-23 20:49 - 2014-12-23 21:22 - 01295360 _____ () C:\Users\RBJ\Desktop\zoek.exe
2014-12-23 19:16 - 2014-12-23 21:59 - 00000000 ____D () C:\zoek
2014-12-23 19:00 - 2014-12-23 21:59 - 00017790 _____ () C:\zoek-results.log
2014-12-23 18:54 - 2014-12-23 20:51 - 04278341 _____ () C:\Users\RBJ\Downloads\zoek.rar.part
2014-12-23 18:52 - 2014-12-23 21:43 - 00000000 ____D () C:\zoek_backup
2014-12-23 11:58 - 2014-12-23 12:28 - 00000000 ____D () C:\AdwCleaner
2014-12-23 11:57 - 2014-12-23 11:57 - 02173952 _____ () C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
2014-12-23 10:31 - 2014-12-23 10:31 - 00040782 _____ () C:\Users\RBJ\Downloads\Addition.txt
2014-12-21 16:35 - 2014-12-21 16:35 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-21 16:34 - 2014-12-21 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 16:34 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 16:34 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 16:34 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 16:34 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-21 16:33 - 2014-12-21 16:34 - 00004275 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:32 - 2014-12-21 15:39 - 1473748992 _____ () C:\Users\RBJ\Downloads\CoD4MWDemoSetup.exe
2014-12-21 10:33 - 2014-12-21 10:43 - 94264883 _____ () C:\Users\RBJ\Downloads\DanteLP-Hexxit+MC.rar
2014-12-21 10:17 - 2014-12-21 10:17 - 03170256 _____ () C:\Users\RBJ\Downloads\minecraft-1.7.10.exe.part
2014-12-20 13:17 - 2014-12-20 13:17 - 00000000 ____D () C:\Users\RBJ\AppData\Local\UWebKit151
2014-12-20 13:16 - 2014-12-20 13:16 - 00000856 _____ () C:\Users\Public\Desktop\Shards of War.lnk
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War
2014-12-20 13:16 - 2014-12-20 13:16 - 00000000 ____D () C:\Program Files\Shards of War
2014-12-20 13:13 - 2014-12-20 13:14 - 23533016 _____ (Bigpoint GmbH ) C:\Users\RBJ\Downloads\ShardsOfWarSetup.exe
2014-12-20 11:57 - 2014-12-20 12:02 - 45503086 _____ () C:\Users\RBJ\Downloads\Minecraft-1.5.2-Hexxit.zip
2014-12-20 10:45 - 2014-12-20 11:14 - 475774532 _____ () C:\Users\RBJ\Downloads\čeština-call-of-duty-5.zip
2014-12-19 18:27 - 2014-12-19 19:21 - 1006315632 _____ () C:\Users\RBJ\Downloads\arma-2-free_1.0.zip
2014-12-17 17:15 - 2014-12-17 17:15 - 00011324 _____ () C:\Users\RBJ\Downloads\Sleeping_Beauty.torrent
2014-12-17 17:14 - 2014-12-17 17:14 - 00072852 _____ () C:\Users\RBJ\Downloads\Sleeping-Dogs-Definitive-Edition-PC-full-game-^^nosTEAM^^.torrent
2014-12-07 18:29 - 2014-12-07 18:29 - 00463724 _____ () C:\Users\RBJ\Downloads\minecraft-1-7-3-plna-hra-zdarma.zip
2014-12-07 18:24 - 2014-12-21 10:20 - 06830478 _____ (MINECRAFT ) C:\Users\RBJ\Downloads\MINECRAFT-1-7-2-plna-hra-zdarma.exe.part
2014-12-07 17:42 - 2014-12-07 17:42 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.10.exe
2014-12-07 17:25 - 2014-12-07 17:25 - 00263186 _____ () C:\Users\RBJ\Downloads\Minecraft(7).exe
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator
2014-12-07 15:17 - 2014-12-07 15:17 - 00000000 ____D () C:\Program Files\Goat Simulator
2014-12-07 14:06 - 2014-12-07 15:14 - 640813276 _____ () C:\Users\RBJ\Downloads\Goat-Simulator-Pikachu92.rar
2014-12-07 14:05 - 2014-12-07 14:05 - 00030085 _____ () C:\Users\RBJ\Downloads\Goat.Simulator.2014-RELOADED.rar
2014-12-05 20:27 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files\WarThunder
2014-12-05 20:27 - 2014-12-05 20:27 - 00001642 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-05 20:27 - 2014-12-05 20:27 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-05 20:26 - 2014-12-05 20:27 - 04708944 _____ (Gaijin Entertainment ) C:\Users\RBJ\Downloads\wt_launcher_1.0.1.465.exe
2014-11-27 16:44 - 2014-11-27 16:44 - 00263186 _____ () C:\Users\RBJ\Downloads\minecraft_1.7.9.exe
2014-11-27 16:28 - 2014-11-27 16:28 - 00044681 _____ () C:\Users\RBJ\Downloads\Team-Fortress-2-Hack.rar
2014-11-26 19:29 - 2014-11-26 19:29 - 01142392 _____ () C:\Users\RBJ\Downloads\SteamSetup.exe
2014-11-26 19:29 - 2014-11-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-26 17:39 - 2014-11-26 17:39 - 04508416 _____ () C:\Users\RBJ\Downloads\serviceCar.zip
2014-11-25 19:46 - 2014-11-25 19:46 - 04746336 _____ (GIANTS Software GmbH) C:\Users\RBJ\Downloads\atv.exe
2014-11-25 19:33 - 2014-11-25 19:42 - 212871024 _____ (GIANTS Software ) C:\Users\RBJ\Downloads\FarmingSimulator2015Patch1.1.0.1CZ.exe
2014-11-25 19:06 - 2014-11-25 19:06 - 00000970 _____ () C:\Users\RBJ\Desktop\Farming Simulator 2013 .lnk
2014-11-25 19:06 - 2014-11-25 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2014-11-25 19:03 - 2014-11-25 19:06 - 00000000 ____D () C:\Program Files\Farming Simulator 2013
2014-11-25 18:55 - 2014-11-26 19:55 - 00000000 ____D () C:\Users\RBJ\Desktop\Nová složka
2014-11-25 17:22 - 2014-11-25 17:22 - 00000266 _____ () C:\Users\RBJ\Downloads\Call-of-Duty-Modern-Warfare-3-crack.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 08:00 - 2011-10-31 16:58 - 00150979 _____ () C:\ProgramData\nvModes.001
2014-12-24 08:00 - 2011-10-31 16:57 - 00150979 _____ () C:\ProgramData\nvModes.dat
2014-12-24 07:58 - 2013-11-07 18:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-24 07:58 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-24 07:58 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-24 07:53 - 2013-09-07 07:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 05:27 - 2014-07-09 19:53 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job
2014-12-23 22:07 - 2009-10-11 02:00 - 02044327 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 22:04 - 2013-07-20 08:01 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Seznam.cz
2014-12-23 22:00 - 2012-10-13 19:10 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\Skype
2014-12-23 21:59 - 2013-09-07 07:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 21:58 - 2013-11-18 18:13 - 00177422 _____ () C:\Windows\PFRO.log
2014-12-23 21:58 - 2011-10-31 16:51 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-12-23 21:58 - 2011-10-31 16:41 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-12-23 21:58 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 21:57 - 2009-10-11 02:01 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-12-23 21:57 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-23 21:16 - 2009-12-30 12:12 - 00214520 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-23 21:16 - 2009-10-26 20:18 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-23 21:16 - 2009-10-26 20:18 - 00137464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-23 20:47 - 2009-10-25 16:19 - 00000000 ____D () C:\Users\RBJ\AppData\Roaming\ICQ
2014-12-23 20:43 - 2012-12-20 17:12 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-23 20:43 - 2010-11-04 17:43 - 00000008 __RSH () C:\Users\RBJ\ntuser.pol
2014-12-23 20:43 - 2009-10-22 18:28 - 00000000 ____D () C:\Users\RBJ
2014-12-23 20:27 - 2014-07-09 19:53 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job
2014-12-23 19:17 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-23 12:28 - 2014-10-27 15:13 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 12:28 - 2014-10-27 15:13 - 00000808 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 12:28 - 2014-06-08 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
2014-12-23 12:28 - 2013-09-07 07:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-23 12:28 - 2009-10-22 18:29 - 00000919 _____ () C:\Users\RBJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-21 16:34 - 2009-10-11 07:16 - 00000000 ____D () C:\Program Files\Java
2014-12-21 16:31 - 2012-11-28 17:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-21 16:31 - 2011-05-25 17:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-21 16:31 - 2009-10-30 22:47 - 00000000 ____D () C:\Users\RBJ\AppData\Local\Adobe
2014-12-21 16:27 - 2010-02-18 17:26 - 00000000 ____D () C:\Windows\system32\Adobe
2014-12-21 13:45 - 2013-12-19 17:03 - 00003252 _____ () C:\Windows\setupact.log
2014-12-21 11:05 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Steam
2014-12-19 20:49 - 2014-11-07 10:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-07 15:19 - 2012-03-07 16:11 - 00000000 ____D () C:\Users\RBJ\Documents\My Games
2014-12-07 14:29 - 2013-05-23 17:59 - 00000000 ____D () C:\Users\RBJ\Desktop\Minecraft
2014-12-06 07:58 - 2014-03-07 10:15 - 00000000 ____D () C:\Users\RBJ\Documents\Euro Truck Simulator 2
2014-12-05 18:42 - 2008-01-21 07:14 - 01523830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-27 16:12 - 2014-11-23 12:27 - 00000000 ____D () C:\Program Files\ICQ7.5
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-23 22:07
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:30.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.54 GB) NTFS
Available physical RAM: 881 MB
Total physical RAM: 2042.22 MB
Percentage of memory in use: 56%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9559FF61)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\RBJ\Desktop" je 33455 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-12-2014
Ran by RBJ at 2014-12-24 08:07:57
Running from C:\Users\RBJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8) (HKLM\...\C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD) (Version: 05/22/2008 3.8 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1) (HKLM\...\9CD348AE9C64C4B939B624E8E24F3903EFDFC82B) (Version: 05/22/2008 7.00.0.1 - Nokia)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
BlueStacks Notification Center (HKLM\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.51.1022 - Webteh, d.o.o.)
Call of Duty (HKLM\...\Call of Duty) (Version: - )
Call of Duty Modern Warfare 2 (HKLM\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version: - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Colin McRae Rally 2 (HKLM\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version: - )
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.4.102.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dropbox (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.2.5 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry Demo (HKLM\...\InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}) (Version: 1.00.0000 - Ubisoft)
Far Cry Demo (Version: 1.00.0000 - Ubisoft) Hidden
Farming Simulator 2013 (HKLM\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
GamePark (HKLM\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GIMP 2.6.12 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google SketchUp 8 (HKLM\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Inkscape 0.48.2 (HKLM\...\Inkscape) (Version: 0.48.2 - )
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Minecraft 1.6.4 + Funkcni CZ Multiplayer Server (HKLM\...\Minecraft 1.6.4 + Funkcni CZ Multiplayer Server) (Version: - )
minecraft mody letadla auta tanky a pistole 1.5.2 rar version for Windows (HKLM\...\{5C1C0C92-350D-C1E8-0D4D-BCBBADAACD32}_is1) (Version: for Windows - )
Minecraft PC Gamer Demo version 1.5 (HKLM\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang)
Mozilla Firefox 33.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 33.0.2 (x86 cs)) (Version: 33.0.2 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nádherná zahrada (HKLM\...\Nádherná zahrada) (Version: - )
Nástroj pro bezdrátovou kartu WLAN Dell (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.18 - Dell Inc.)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GAME System Software 2.8.1 (HKLM\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OpenOffice.org 3.1 (HKLM\...\{824BADF8-9A1B-4D07-8817-8DDDC8543F23}) (Version: 3.1.9420 - OpenOffice.org)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
Road Construction Simulator (HKLM\...\Road Construction Simulator1.0) (Version: 1.0 - Foxy Games)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Samsung PC Studio 3 (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SCANIA Truck Driving Simulator 1.0.0 (HKLM\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Seznam Software (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\SeznamInstall) (Version: - Seznam.cz)
Shards of War (HKLM\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 59459 - Bigpoint GmbH)
Simulátor stavby - Jeřáb (HKLM\...\Simulátor stavby - Jeřáb_is1) (Version: 1.0 - TopQer s.r.o.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8312 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Správce záloh a obnov Dell (HKLM\...\{28DBCC2C-9342-47C3-9A92-1FDBDE377C14}) (Version: 1.0.0 - Dell, Inc.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SweeetPlayer bundle (HKLM\...\SweeetPlayer bundle) (Version: 2.0.0.5 - Perion Network LTD.)
SweetPlayer version 1.0 (HKLM\...\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1) (Version: 1.0 - Perion Network Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Ufonuv fofr internet 3.258.47 (HKLM\...\Ufonuv fofr internet) (Version: 3.258.47 - AnyDATA.NET, Inc)
Unity Web Player (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
VariCAD 2009-1.03 CZ (HKLM\...\VariCAD_20090303_CZ) (Version: - )
War Thunder Launcher 1.0.1.465 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Ztracený poklad 1.2 (HKLM\...\{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1) (Version: - Špidla Data Processing, s.r.o.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-12-2014 19:21:08 Naplánovaný kontrolní bod
21-12-2014 16:32:29 Installed Java 7 Update 71
23-12-2014 11:05:56 Naplánovaný kontrolní bod
23-12-2014 19:00:43 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2014-12-23 21:28 - 00000781 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0DC725E3-1301-4D69-BBF8-3299BC12CE1D} - System32\Tasks\{23331894-CC9A-4F08-B448-BB6CAADC1262} => pcalua.exe -a C:\Users\RBJ\Downloads\18Wheels_of_Steel.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5E5E87CC-DFA0-47F5-833A-623DC05F75A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated)
Task: {7A4EDB56-4F65-40DA-8B00-9F099A0043F0} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {84CB72F3-6C63-4DAF-86F3-4480E7B821E9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {92FCBF3F-AA16-418D-82F4-15260A11EB31} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-13] (AVAST Software)
Task: {95A7FDA4-EA21-4059-ACEC-04F11A00605F} - System32\Tasks\{8C6F8F37-AC09-4244-A833-E086D5C04D4E} => pcalua.exe -a C:\Users\RBJ\AppData\Local\Temp\nro.tmp\SetupX.exe -d C:\Users\RBJ\AppData\Local\Temp\nro.tmp\ -c CONFIGPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\" SC SOURCEPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\"
Task: {A0EE5C6D-E94F-4DB5-8059-AEB6F48C7C40} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {A7598A93-5AAD-4DEB-8F79-6BB508FB3D8D} - System32\Tasks\{310D873D-E002-4D6C-A538-93320D684C28} => pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 12\Uninstall.AC\uninstaller.exe"
Task: {A8FE6443-0274-4264-9010-1D540C35364A} - System32\Tasks\{5A8C90FA-F6E3-438B-91EB-ACCA6EF036FD} => pcalua.exe -a "C:\Users\RBJ\Desktop\F1\F1 2002\Support\F1 2002_uninst.exe" -d "C:\Users\RBJ\Desktop\F1\F1 2002\Support"
Task: {B343BA08-0900-4610-962B-BD00D49D2737} - System32\Tasks\{5FFDB9B2-6370-42C7-A57C-1579F4A4F9CF} => pcalua.exe -a C:\Users\RBJ\Desktop\plne_verze\infomapy\download\imhe2010_setup_chip_full_pack.exe -d C:\Users\RBJ\Desktop\plne_verze\infomapy\download
Task: {BC70DDAA-092C-4539-B5DF-48F134ED0FBC} - System32\Tasks\{67E02497-2CC1-42A4-9E37-532DD5F26AFD} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{471BB1D9-6F59-4093-B46D-373772D5C111}
Task: {BD384538-9BFA-47C0-AA53-B7532966666A} - System32\Tasks\{56F014CA-0817-4D25-B2DE-F09D65362AD3} => pcalua.exe -a C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {D61D788C-2187-4613-8A33-3F859D025BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {E66433FE-B1FD-4A58-B6B2-4A585F8F3D7A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {EB1A1AD2-16F5-4BD4-996F-529B715DDA23} - System32\Tasks\{423CFCF6-E219-43AA-BC55-4B2CBE4B78B5} => pcalua.exe -a "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství\Polární dobrodružství 2.exe" -d "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství"
Task: {F2C100EC-5193-451A-9021-3610C04A19B2} - System32\Tasks\{F690F736-4501-46EE-9BA5-AFB6C2655445} => pcalua.exe -a C:\Users\RBJ\Desktop\HuntingUnl4.exe -d C:\Users\RBJ\Desktop
Task: {FF400776-7C39-4B4F-8B4C-5A2911A57895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2009-10-11 07:18 - 2008-12-11 18:48 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-11 07:18 - 2008-12-11 18:47 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2011-03-02 19:58 - 2014-10-02 18:40 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-23 22:00 - 2014-12-23 22:01 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122301\algo.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00406016 _____ () C:\Windows\system32\asam\SQLite.dll
2011-04-02 22:37 - 2012-06-03 22:47 - 00629760 _____ () C:\Windows\system32\asam\CxImage.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00060416 _____ () C:\Windows\system32\asam\zlib1.dll
2009-10-26 20:18 - 2009-12-30 12:07 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2009-10-26 20:18 - 2014-12-23 21:16 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2011-04-03 12:35 - 2012-06-03 22:47 - 00117248 _____ () C:\Windows\system32\asam\rundll32.exe
2011-04-02 22:44 - 2012-06-03 22:47 - 00188928 _____ () C:\Windows\system32\asam\Czech\XTToolkitPro.dll
2014-08-08 09:46 - 2013-03-29 12:37 - 00059384 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\25923libfoxloader.dll
2011-10-07 18:07 - 2008-03-30 15:22 - 00070144 _____ () C:\Program Files\PSPad editor\PSPadShell.dll
2006-11-03 23:46 - 2006-11-03 23:46 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-10-02 18:40 - 2014-10-02 18:40 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-11-03 23:25 - 2006-11-03 23:25 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2014-08-08 09:46 - 2013-04-12 09:13 - 00457208 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-08-08 09:46 - 2013-03-25 15:39 - 00894968 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-08-08 09:46 - 2014-02-05 15:38 - 00076288 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-10-27 15:13 - 2014-10-31 07:09 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2635682205-992849683-4104728822-500 - Administrator - Disabled)
Guest (S-1-5-21-2635682205-992849683-4104728822-501 - Limited - Disabled)
Katka (S-1-5-21-2635682205-992849683-4104728822-1001 - Administrator - Enabled) => C:\Users\Katka
RBJ (S-1-5-21-2635682205-992849683-4104728822-1000 - Administrator - Enabled) => C:\Users\RBJ
Samík (S-1-5-21-2635682205-992849683-4104728822-1002 - Limited - Enabled) => C:\Users\Samík
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
System errors:
=============
Error: (12/24/2014 07:01:34 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/24/2014 02:31:23 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/24/2014 02:31:23 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:01:52 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:01:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:00:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064
Error: (12/23/2014 10:00:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Microsoft Office Sessions:
=========================
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
CodeIntegrity Errors:
===================================
Date: 2013-03-21 19:25:28.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.413
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7570 @ 2.26GHz
Percentage of memory in use: 56%
Total physical RAM: 2042.22 MB
Available physical RAM: 881 MB
Total Pagefile: 4325.44 MB
Available Pagefile: 3015.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.02 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:30.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9559FF61)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ran by RBJ at 2014-12-24 08:07:57
Running from C:\Users\RBJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8) (HKLM\...\C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD) (Version: 05/22/2008 3.8 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1) (HKLM\...\9CD348AE9C64C4B939B624E8E24F3903EFDFC82B) (Version: 05/22/2008 7.00.0.1 - Nokia)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
BlueStacks Notification Center (HKLM\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.51.1022 - Webteh, d.o.o.)
Call of Duty (HKLM\...\Call of Duty) (Version: - )
Call of Duty Modern Warfare 2 (HKLM\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version: - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Colin McRae Rally 2 (HKLM\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version: - )
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.4.102.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dropbox (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.2.5 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry Demo (HKLM\...\InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}) (Version: 1.00.0000 - Ubisoft)
Far Cry Demo (Version: 1.00.0000 - Ubisoft) Hidden
Farming Simulator 2013 (HKLM\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
GamePark (HKLM\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GIMP 2.6.12 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google SketchUp 8 (HKLM\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Inkscape 0.48.2 (HKLM\...\Inkscape) (Version: 0.48.2 - )
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Minecraft 1.6.4 + Funkcni CZ Multiplayer Server (HKLM\...\Minecraft 1.6.4 + Funkcni CZ Multiplayer Server) (Version: - )
minecraft mody letadla auta tanky a pistole 1.5.2 rar version for Windows (HKLM\...\{5C1C0C92-350D-C1E8-0D4D-BCBBADAACD32}_is1) (Version: for Windows - )
Minecraft PC Gamer Demo version 1.5 (HKLM\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang)
Mozilla Firefox 33.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 33.0.2 (x86 cs)) (Version: 33.0.2 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nádherná zahrada (HKLM\...\Nádherná zahrada) (Version: - )
Nástroj pro bezdrátovou kartu WLAN Dell (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.18 - Dell Inc.)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GAME System Software 2.8.1 (HKLM\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OpenOffice.org 3.1 (HKLM\...\{824BADF8-9A1B-4D07-8817-8DDDC8543F23}) (Version: 3.1.9420 - OpenOffice.org)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
Road Construction Simulator (HKLM\...\Road Construction Simulator1.0) (Version: 1.0 - Foxy Games)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Samsung PC Studio 3 (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SCANIA Truck Driving Simulator 1.0.0 (HKLM\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Seznam Software (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\SeznamInstall) (Version: - Seznam.cz)
Shards of War (HKLM\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 59459 - Bigpoint GmbH)
Simulátor stavby - Jeřáb (HKLM\...\Simulátor stavby - Jeřáb_is1) (Version: 1.0 - TopQer s.r.o.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8312 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Správce záloh a obnov Dell (HKLM\...\{28DBCC2C-9342-47C3-9A92-1FDBDE377C14}) (Version: 1.0.0 - Dell, Inc.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SweeetPlayer bundle (HKLM\...\SweeetPlayer bundle) (Version: 2.0.0.5 - Perion Network LTD.)
SweetPlayer version 1.0 (HKLM\...\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1) (Version: 1.0 - Perion Network Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Ufonuv fofr internet 3.258.47 (HKLM\...\Ufonuv fofr internet) (Version: 3.258.47 - AnyDATA.NET, Inc)
Unity Web Player (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
VariCAD 2009-1.03 CZ (HKLM\...\VariCAD_20090303_CZ) (Version: - )
War Thunder Launcher 1.0.1.465 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Ztracený poklad 1.2 (HKLM\...\{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1) (Version: - Špidla Data Processing, s.r.o.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\RBJ\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\RBJ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RBJ\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-12-2014 19:21:08 Naplánovaný kontrolní bod
21-12-2014 16:32:29 Installed Java 7 Update 71
23-12-2014 11:05:56 Naplánovaný kontrolní bod
23-12-2014 19:00:43 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2014-12-23 21:28 - 00000781 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0DC725E3-1301-4D69-BBF8-3299BC12CE1D} - System32\Tasks\{23331894-CC9A-4F08-B448-BB6CAADC1262} => pcalua.exe -a C:\Users\RBJ\Downloads\18Wheels_of_Steel.exe -d "C:\Program Files\Mozilla Firefox"
Task: {5E5E87CC-DFA0-47F5-833A-623DC05F75A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated)
Task: {7A4EDB56-4F65-40DA-8B00-9F099A0043F0} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {84CB72F3-6C63-4DAF-86F3-4480E7B821E9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {92FCBF3F-AA16-418D-82F4-15260A11EB31} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-13] (AVAST Software)
Task: {95A7FDA4-EA21-4059-ACEC-04F11A00605F} - System32\Tasks\{8C6F8F37-AC09-4244-A833-E086D5C04D4E} => pcalua.exe -a C:\Users\RBJ\AppData\Local\Temp\nro.tmp\SetupX.exe -d C:\Users\RBJ\AppData\Local\Temp\nro.tmp\ -c CONFIGPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\" SC SOURCEPATH="C:\Users\RBJ\AppData\Local\Temp\NERO1002529\"
Task: {A0EE5C6D-E94F-4DB5-8059-AEB6F48C7C40} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-22] (Facebook Inc.)
Task: {A7598A93-5AAD-4DEB-8F79-6BB508FB3D8D} - System32\Tasks\{310D873D-E002-4D6C-A538-93320D684C28} => pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 12\Uninstall.AC\uninstaller.exe"
Task: {A8FE6443-0274-4264-9010-1D540C35364A} - System32\Tasks\{5A8C90FA-F6E3-438B-91EB-ACCA6EF036FD} => pcalua.exe -a "C:\Users\RBJ\Desktop\F1\F1 2002\Support\F1 2002_uninst.exe" -d "C:\Users\RBJ\Desktop\F1\F1 2002\Support"
Task: {B343BA08-0900-4610-962B-BD00D49D2737} - System32\Tasks\{5FFDB9B2-6370-42C7-A57C-1579F4A4F9CF} => pcalua.exe -a C:\Users\RBJ\Desktop\plne_verze\infomapy\download\imhe2010_setup_chip_full_pack.exe -d C:\Users\RBJ\Desktop\plne_verze\infomapy\download
Task: {BC70DDAA-092C-4539-B5DF-48F134ED0FBC} - System32\Tasks\{67E02497-2CC1-42A4-9E37-532DD5F26AFD} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{471BB1D9-6F59-4093-B46D-373772D5C111}
Task: {BD384538-9BFA-47C0-AA53-B7532966666A} - System32\Tasks\{56F014CA-0817-4D25-B2DE-F09D65362AD3} => pcalua.exe -a C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {D61D788C-2187-4613-8A33-3F859D025BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {E66433FE-B1FD-4A58-B6B2-4A585F8F3D7A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {EB1A1AD2-16F5-4BD4-996F-529B715DDA23} - System32\Tasks\{423CFCF6-E219-43AA-BC55-4B2CBE4B78B5} => pcalua.exe -a "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství\Polární dobrodružství 2.exe" -d "C:\Users\RBJ\Desktop\spidla\spidla kompletní hry vše cz\Polární dobrodružství"
Task: {F2C100EC-5193-451A-9021-3610C04A19B2} - System32\Tasks\{F690F736-4501-46EE-9BA5-AFB6C2655445} => pcalua.exe -a C:\Users\RBJ\Desktop\HuntingUnl4.exe -d C:\Users\RBJ\Desktop
Task: {FF400776-7C39-4B4F-8B4C-5A2911A57895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2009-10-11 07:18 - 2008-12-11 18:48 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-10-11 07:18 - 2008-12-11 18:47 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2011-03-02 19:58 - 2014-10-02 18:40 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-23 22:00 - 2014-12-23 22:01 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122301\algo.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00406016 _____ () C:\Windows\system32\asam\SQLite.dll
2011-04-02 22:37 - 2012-06-03 22:47 - 00629760 _____ () C:\Windows\system32\asam\CxImage.dll
2011-04-02 22:36 - 2012-06-03 22:47 - 00060416 _____ () C:\Windows\system32\asam\zlib1.dll
2009-10-26 20:18 - 2009-12-30 12:07 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2009-10-26 20:18 - 2014-12-23 21:16 - 00214520 _____ () C:\Windows\system32\PnkBstrB.exe
2011-04-03 12:35 - 2012-06-03 22:47 - 00117248 _____ () C:\Windows\system32\asam\rundll32.exe
2011-04-02 22:44 - 2012-06-03 22:47 - 00188928 _____ () C:\Windows\system32\asam\Czech\XTToolkitPro.dll
2014-08-08 09:46 - 2013-03-29 12:37 - 00059384 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\25923libfoxloader.dll
2011-10-07 18:07 - 2008-03-30 15:22 - 00070144 _____ () C:\Program Files\PSPad editor\PSPadShell.dll
2006-11-03 23:46 - 2006-11-03 23:46 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-10-02 18:40 - 2014-10-02 18:40 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-11-03 23:25 - 2006-11-03 23:25 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2014-08-08 09:46 - 2013-04-12 09:13 - 00457208 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-08-08 09:46 - 2013-03-25 15:39 - 00894968 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-08-08 09:46 - 2014-02-05 15:38 - 00076288 _____ () C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-10-27 15:13 - 2014-10-31 07:09 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2635682205-992849683-4104728822-500 - Administrator - Disabled)
Guest (S-1-5-21-2635682205-992849683-4104728822-501 - Limited - Disabled)
Katka (S-1-5-21-2635682205-992849683-4104728822-1001 - Administrator - Enabled) => C:\Users\Katka
RBJ (S-1-5-21-2635682205-992849683-4104728822-1000 - Administrator - Enabled) => C:\Users\RBJ
Samík (S-1-5-21-2635682205-992849683-4104728822-1002 - Limited - Enabled) => C:\Users\Samík
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
System errors:
=============
Error: (12/24/2014 07:01:34 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/24/2014 02:31:23 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/24/2014 02:31:23 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:01:52 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:01:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 10:00:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064
Error: (12/23/2014 10:00:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Error: (12/23/2014 09:59:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek OS spustit nástroj chkdsk.
Microsoft Office Sessions:
=========================
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
Error: (12/23/2014 10:01:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
Error: (12/23/2014 10:01:44 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
Error: (12/23/2014 10:01:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
Error: (12/23/2014 10:01:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
Error: (12/23/2014 10:01:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
C:\USERS\RBJ\APPDATA\LOCAL\SKYPE\APPS\LOGIN\CSS
CodeIntegrity Errors:
===================================
Date: 2013-03-21 19:25:28.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-03-21 19:25:28.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:54.413
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-11-03 23:03:47.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P7570 @ 2.26GHz
Percentage of memory in use: 56%
Total physical RAM: 2042.22 MB
Available physical RAM: 881 MB
Total Pagefile: 4325.44 MB
Available Pagefile: 3015.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.02 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:30.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9559FF61)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [TaskTray] => [X] HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X] HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.) HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14] CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts= ... XX5VG0VZXP CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326174&from=wpm12233&uid=ST9250410ASG_5VG0VZXPXXXX5VG0VZXP" CHR DefaultSearchKeyword: Default -> delta-homes CHR DefaultSuggestURL: Default -> S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 nmwcd; system32\drivers\ccdcmb.sys [X] S3 nmwcdc; system32\drivers\ccdcmbo.sys [X] S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X] S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X] 2014-12-24 08:06 - 2014-12-24 08:07 - 00021530 _____ () C:\Users\RBJ\Desktop\FRST.txt 2014-12-24 08:05 - 2014-12-24 08:05 - 00112640 _____ (forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe 2014-12-23 21:46 - 2014-12-23 21:27 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-12-23 21:28 - 2014-12-23 20:45 - 00027270 _____ () C:\zoek-results2014-12-23-194507.log 2014-12-23 20:56 - 2014-12-23 20:56 - 01295360 _____ () C:\Users\RBJ\Downloads\zoek.exe 2014-12-23 20:51 - 2014-12-23 21:26 - 04134156 _____ () C:\Users\RBJ\Downloads\zoek.zip 2014-12-23 20:49 - 2014-12-23 21:22 - 01295360 _____ () C:\Users\RBJ\Desktop\zoek.exe 2014-12-23 19:16 - 2014-12-23 21:59 - 00000000 ____D () C:\zoek 2014-12-23 19:00 - 2014-12-23 21:59 - 00017790 _____ () C:\zoek-results.log 2014-12-23 18:54 - 2014-12-23 20:51 - 04278341 _____ () C:\Users\RBJ\Downloads\zoek.rar.part 2014-12-23 18:52 - 2014-12-23 21:43 - 00000000 ____D () C:\zoek_backup 2014-12-23 11:58 - 2014-12-23 12:28 - 00000000 ____D () C:\AdwCleaner 2014-12-23 11:57 - 2014-12-23 11:57 - 02173952 _____ () C:\Users\RBJ\Desktop\adwcleaner_4.106.exe 2014-12-23 10:31 - 2014-12-23 10:31 - 00040782 _____ () C:\Users\RBJ\Downloads\Addition.txt Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-12-2014
Ran by RBJ at 2014-12-28 12:49:11 Run:2
Running from C:\Users\RBJ\Desktop
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts= ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
2014-12-24 08:06 - 2014-12-24 08:07 - 00021530 _____ () C:\Users\RBJ\Desktop\FRST.txt
2014-12-24 08:05 - 2014-12-24 08:05 - 00112640 _____ (forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
2014-12-23 21:46 - 2014-12-23 21:27 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-23 21:28 - 2014-12-23 20:45 - 00027270 _____ () C:\zoek-results2014-12-23-194507.log
2014-12-23 20:56 - 2014-12-23 20:56 - 01295360 _____ () C:\Users\RBJ\Downloads\zoek.exe
2014-12-23 20:51 - 2014-12-23 21:26 - 04134156 _____ () C:\Users\RBJ\Downloads\zoek.zip
2014-12-23 20:49 - 2014-12-23 21:22 - 01295360 _____ () C:\Users\RBJ\Desktop\zoek.exe
2014-12-23 19:16 - 2014-12-23 21:59 - 00000000 ____D () C:\zoek
2014-12-23 19:00 - 2014-12-23 21:59 - 00017790 _____ () C:\zoek-results.log
2014-12-23 18:54 - 2014-12-23 20:51 - 04278341 _____ () C:\Users\RBJ\Downloads\zoek.rar.part
2014-12-23 18:52 - 2014-12-23 21:43 - 00000000 ____D () C:\zoek_backup
2014-12-23 11:58 - 2014-12-23 12:28 - 00000000 ____D () C:\AdwCleaner
2014-12-23 11:57 - 2014-12-23 11:57 - 02173952 _____ () C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
2014-12-23 10:31 - 2014-12-23 10:31 - 00040782 _____ () C:\Users\RBJ\Downloads\Addition.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CubeDesktop => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\iMesh => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52f138d6-6626-11e1-a426-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{52f138d6-6626-11e1-a426-0c607698e54a} => Key not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9562bb9e-6ae5-11e1-8700-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{9562bb9e-6ae5-11e1-8700-0c607698e54a} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fab215-a24f-11df-9b7b-0c607698e54a} => Key not found.
HKCR\CLSID\{96fab215-a24f-11df-9b7b-0c607698e54a} => Key not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9caba1d9-c260-11de-9671-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{9caba1d9-c260-11de-9671-0c607698e54a} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key not found.
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User" => File/Directory not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value not found.
Error setting Default URLSearchHook.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com => not found.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
Chrome HomePage not detected.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSuggestURL not detected.
IpInIp => Service not found.
nmwcd => Service not found.
nmwcdc => Service not found.
nmwcdnsu => Service not found.
NwlnkFlt => Service not found.
NwlnkFwd => Service not found.
pccsmcfd => Service not found.
upperdev => Service not found.
UsbserFilt => Service not found.
"C:\Users\RBJ\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\RBJ\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Windows\zoek-delete.exe" => File/Directory not found.
"C:\zoek-results2014-12-23-194507.log" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.exe" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.zip" => File/Directory not found.
"C:\Users\RBJ\Desktop\zoek.exe" => File/Directory not found.
"C:\zoek" => File/Directory not found.
"C:\zoek-results.log" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.rar.part" => File/Directory not found.
"C:\zoek_backup" => File/Directory not found.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\RBJ\Desktop\adwcleaner_4.106.exe" => File/Directory not found.
"C:\Users\RBJ\Downloads\Addition.txt" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job not found.
"C:\ProgramData\TEMP" => ":2CB9631F" ADS not found.
"C:\ProgramData\TEMP" => ":D1B5B4F1" ADS not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58} => Key not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 698.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 12:52:08 ====
Ran by RBJ at 2014-12-28 12:49:11 Run:2
Running from C:\Users\RBJ\Desktop
Loaded Profile: RBJ (Available profiles: RBJ & Katka & Samík)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Facebook Update] => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-22] (Facebook Inc.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\RBJ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {52f138d6-6626-11e1-a426-0c607698e54a} - H:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9562bb9e-6ae5-11e1-8700-0c607698e54a} - I:\_DSII.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {96fab215-a24f-11df-9b7b-0c607698e54a} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...\MountPoints2: {9caba1d9-c260-11de-9671-0c607698e54a} - F:\cdstart.exe
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User: Group Policy restriction detected <======= ATTENTION
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
URLSearchHook: [S-1-5-21-2635682205-992849683-4104728822-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2635682205-992849683-4104728822-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: Security Protection - C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com [2014-12-23]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts= ... XX5VG0VZXP
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419326 ... XX5VG0VZXP"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]
2014-12-24 08:06 - 2014-12-24 08:07 - 00021530 _____ () C:\Users\RBJ\Desktop\FRST.txt
2014-12-24 08:05 - 2014-12-24 08:05 - 00112640 _____ (forum.viry.cz) C:\Users\RBJ\Desktop\FRSTLauncher.exe
2014-12-23 21:46 - 2014-12-23 21:27 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-23 21:28 - 2014-12-23 20:45 - 00027270 _____ () C:\zoek-results2014-12-23-194507.log
2014-12-23 20:56 - 2014-12-23 20:56 - 01295360 _____ () C:\Users\RBJ\Downloads\zoek.exe
2014-12-23 20:51 - 2014-12-23 21:26 - 04134156 _____ () C:\Users\RBJ\Downloads\zoek.zip
2014-12-23 20:49 - 2014-12-23 21:22 - 01295360 _____ () C:\Users\RBJ\Desktop\zoek.exe
2014-12-23 19:16 - 2014-12-23 21:59 - 00000000 ____D () C:\zoek
2014-12-23 19:00 - 2014-12-23 21:59 - 00017790 _____ () C:\zoek-results.log
2014-12-23 18:54 - 2014-12-23 20:51 - 04278341 _____ () C:\Users\RBJ\Downloads\zoek.rar.part
2014-12-23 18:52 - 2014-12-23 21:43 - 00000000 ____D () C:\zoek_backup
2014-12-23 11:58 - 2014-12-23 12:28 - 00000000 ____D () C:\AdwCleaner
2014-12-23 11:57 - 2014-12-23 11:57 - 02173952 _____ () C:\Users\RBJ\Desktop\adwcleaner_4.106.exe
2014-12-23 10:31 - 2014-12-23 10:31 - 00040782 _____ () C:\Users\RBJ\Downloads\Addition.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job => C:\Users\RBJ\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job => C:\Windows\system32\msfeedssync.exe
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> No File Path
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CubeDesktop => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\iMesh => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52f138d6-6626-11e1-a426-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{52f138d6-6626-11e1-a426-0c607698e54a} => Key not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9562bb9e-6ae5-11e1-8700-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{9562bb9e-6ae5-11e1-8700-0c607698e54a} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fab215-a24f-11df-9b7b-0c607698e54a} => Key not found.
HKCR\CLSID\{96fab215-a24f-11df-9b7b-0c607698e54a} => Key not found.
"HKU\S-1-5-21-2635682205-992849683-4104728822-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9caba1d9-c260-11de-9671-0c607698e54a}" => Key deleted successfully.
HKCR\CLSID\{9caba1d9-c260-11de-9671-0c607698e54a} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key not found.
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2635682205-992849683-4104728822-1002\User" => File/Directory not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value not found.
Error setting Default URLSearchHook.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
C:\Users\RBJ\AppData\Roaming\Mozilla\Firefox\Profiles\qkhuqvuj.default\Extensions\detgdp@gmail.com => not found.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
Chrome HomePage not detected.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSuggestURL not detected.
IpInIp => Service not found.
nmwcd => Service not found.
nmwcdc => Service not found.
nmwcdnsu => Service not found.
NwlnkFlt => Service not found.
NwlnkFwd => Service not found.
pccsmcfd => Service not found.
upperdev => Service not found.
UsbserFilt => Service not found.
"C:\Users\RBJ\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\RBJ\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Windows\zoek-delete.exe" => File/Directory not found.
"C:\zoek-results2014-12-23-194507.log" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.exe" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.zip" => File/Directory not found.
"C:\Users\RBJ\Desktop\zoek.exe" => File/Directory not found.
"C:\zoek" => File/Directory not found.
"C:\zoek-results.log" => File/Directory not found.
"C:\Users\RBJ\Downloads\zoek.rar.part" => File/Directory not found.
"C:\zoek_backup" => File/Directory not found.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\RBJ\Desktop\adwcleaner_4.106.exe" => File/Directory not found.
"C:\Users\RBJ\Downloads\Addition.txt" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2635682205-992849683-4104728822-1000UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\User_Feed_Synchronization-{8CBBB754-6D58-4204-A68B-A1A5E4E8F174}.job not found.
"C:\ProgramData\TEMP" => ":2CB9631F" ADS not found.
"C:\ProgramData\TEMP" => ":D1B5B4F1" ADS not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{16d51579-a30b-4c8b-a276-0ff4dc41e755} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58} => Key not found.
HKU\S-1-5-21-2635682205-992849683-4104728822-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58} => Key not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 698.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 12:52:08 ====
Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Tak jeste uklidime 
DelFix https://toolslib.net/downloads/finish/2/
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
DelFix https://toolslib.net/downloads/finish/2/
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remote disinfection tools
- Kliknete na Run
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standardPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím kontrolu, pomalý NoteBook. Děkuji
Děkuji a přeji hezký zbytek roku.. 
Přispějete na provoz fóra?