prosím pomoc..reklamy,pomalý start..

[radimv]

zdravím a přeji hezký den,

obracím se na vás o pomoc..mám asi silně znečištěné pc.
1,hrozně dlouho startuje
2,hrozně dlouho načítá stránky a celkově různé aplikace
3,a to je největší problém,při serfování na netu se mi prohlížeč zaplavuje raklamama..a když píšu,že zaplavuje,tak doslova topí..nemohu se už dostat takřka na žádnou stránku bez toho,aby mi nevyskakovala reklama,nebo mě to stále někam nepřesměrovávalo..I tohle píšu z jiného pc,protože mi to stále kazí nějaké přesměrování jinam..

Moc moc moc prosím o pomoc..ale prosím trochu strpení,jsem laik..DĚKUJI..

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[radimv]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by Gregr Radim (administrator) on GREGR-1EUUM3M7H (15-11-2015 19:00:08)
Running from C:\Documents and Settings\Gregr Radim\Plocha
Loaded Profiles: Gregr Radim (Available Profiles: Gregr Radim)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 6 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
() C:\Program Files\Zrychleni Pocitace\PCSUService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\uTorrent.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(PS Media s.r.o.) C:\WINDOWS\system32\ssins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_31\bin\java.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\PluginContainer.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\6\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\10\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\5\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\Plugin.exe
() C:\Program Files\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\Updater.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\2\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\Plugin.exe
() C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\Plugin.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384512 2007-10-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [111928 2010-05-05] (SweetIM Technologies Ltd.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM\...\Run: [DelaypluginInstall] => C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1960336 2015-04-10] ()
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2009-09-23] (ATI Technologies Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-09-13] (Nero AG)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2007-01-05] (Microsoft Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [GSplay.exe] => C:\Documents%20and%20Settings\Gregr%20Radim\Plocha\GSplay.exe
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [uTorrent] => C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {080f4c5e-9d6a-11df-aa21-001d92325b3a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {b7536d13-8de8-11df-a9f5-001d92325b3a} - F:\LaunchU3.exe -a
IFEO\applemobilebackup.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobiledevicehelper.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobilesync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bookmarks.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\calendars.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\contacts.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\defaults.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\distnoted.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\formatter.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\iesyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\mdcrashreporttool.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\outlooksyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\safarisyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\syncli.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncplanobserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncuihandler.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\upgradedb.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
IFEO\windowscontactssync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\windowsmailsync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\yahoosync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Browser Tab Search by Ask\SafetyNut\safetycrt.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-22] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk [2014-11-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2007-07-24] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5491B71-9800-4EFD-8E70-BA57EE4EF429}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaJQAPUgsTFBgQJAAKTA0QEwAOIlhbVxRHEQEWeFgBAF8UQFYFIk0FA1ADB0VXfVBdFElXTwhuIV5RAlgdZ1xNJA==
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaJQAPUgsTFBgQJAAKTA0QEwAOIlhbVxRHEQEWeFgBAF8UQFYFIk0FA1ADB0VXfVBdFElXTwhuIV5RAlgdZ1xNJA==
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - Modul přiřazení adres URL - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBdWA5CE1cWbQpcWAtcFVQRdRRaAFpHDAMTdAwAAAAQR1BCIx9aFQQTSEcFME0FCFwEURNNfXRZBlASQFllKVdc&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> OldSearch URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBdWA5CE1cWbQpcWAtcFVQRdRRaAFpHDAMTdAwAAAAQR1BCIx9aFQQTSEcFME0FCFwEURNNfXRZBlASQFllKVdc&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU3&o=15380&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=UJ&apn_dtid=YYYYYYYYCZ&apn_uid=AEE081F3-530B-4107-A102-0D53C0081DD1&apn_sauid=D8BD6C4C-793D-4098-8822-2FF80935AA86
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={2828E7D2-9B16-4922-A114-534E3F1562A9}&mid=a6868eb027a747cd918dd154d4d6b2c9-47e9c89f65b4503d73419ce66828875472b6c663&lang=en&ds=sc011&coid=avgtbdissc&cmpid=&pr=sa&d=2015-05-03 15:59:25&v=18.3.0.885&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: No Name -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-26] (RealPlayer)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: No Name -> {41545534-0076-A76A-76A7-7A786E7484D7} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-04-10] (Wondershare)
BHO: No Name -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> No File
BHO: No Name -> {c95a4e8e-816d-4655-8c79-d736da1adb6d} -> No File
BHO: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241178572906
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.8.0\ViProtocol.dll [2015-08-17] (AVG Secure Search)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859
FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAxGeQ4LU1tEDAZHeQsVVVhDFBhBIVoOTA9BFQAbIQBZB1wQQhNBNARaB0tXUUEeGGlxR1dMbFREKVpZDX8YT1E=
FF DefaultSearchEngine: Default
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaJQAPUgsTFBgQJAAKTA0QEwAOIlhbVxRHEQEWeFgBAF8UQFYFIk0FA18DB0VXfWFoKB8fHHhCJ1BbAFU3SFtH
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=Quicksearch_12902&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll [No File]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2009-01-05] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-04] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @nsroblox.roblox.com/launcher -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\RobloxVersions\version-b3ae331dfaef4117\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-04] (Pando Networks)
FF user.js: detected! => C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\user.js [2015-08-19]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-09-16] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2008-03-20] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2009-09-23] (NOS Microsystems Ltd.)
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\avg-secure-search.xml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\default.xml [2015-11-15]
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\firmycz.xml [2015-08-22]
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\zbocz.xml [2015-08-22]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-12-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-08-17]
FF Extension: Seznam lištička - C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-10-14]
FF Extension: Magical Find - C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\Extensions\{fa6f6587-af95-4782-afc5-89c87f90b314}.xpi [2015-08-18] [not signed]
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2015-10-14] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-10-14] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-26] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-07] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-22] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-18] [not signed]
FF HKLM\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
FF Extension: iSkysoft Video Converter Ultimate - C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com [2015-06-07] [not signed]
FF HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Documents and Settings\Gregr Radim\Data aplikacĂ­\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4
CHR RestoreOnStartup: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-08-02]
CHR Extension: (SnapMyScreen) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pnacmlfckijnmogihjeaojfnfiplhhpj [2015-07-09]
CHR HKLM\...\Chrome\Extension: [aaaamlkmhljkmgndohnigdoofhggdnlf] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ATU4\CRX\ToolbarCR.crx [2014-09-25]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Documents and Settings\Gregr Radim\Data aplikací\BabSolution\CR\BabylonChrome1.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-22]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-26]
CHR HKLM\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files\1ClickDownload\1click11.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-09-25] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-22] (AVAST Software)
S3 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-11] (brother Industries Ltd) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HssSrv; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [348208 2010-05-13] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [57640 2010-05-13] () [File not signed]
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [322608 2010-05-13] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-09-12] (Nero AG) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 PCSUService; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [430888 2014-09-23] ()
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [271760 2009-04-27] ()
R2 Service Mgr MagicalFind; C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\PluginContainer.exe [637152 2015-11-15] () <==== ATTENTION
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2015-08-14] (PS Media s.r.o.)
R2 Update Mgr MagicalFind; C:\Program Files\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\Updater.exe [546528 2015-11-15] () <==== ATTENTION
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]
S2 PEVSystemStart; "C:\ComboFix\PEV.cfxxe" EXEC /i "C:\ComboFix\REGT.cfxxe" /S "C:\ComboFix\CregB.dat"

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-22] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-22] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-08-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-08-22] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-08-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-22] (AVAST Software)
S3 BrScnUsb; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) [File not signed]
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-09-14] (Symantec Corporation)
R1 FldSafe; C:\WINDOWS\System32\DRIVERS\FldSafe.sys [10240 2010-04-09] (Windows (R) Win 7 DDK provider) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 HssDrv; C:\WINDOWS\System32\DRIVERS\HssDrv.sys [37376 2010-05-13] (AnchorFree Inc.)
S3 k750bus; C:\WINDOWS\System32\DRIVERS\k750bus.sys [55216 2005-07-07] (MCCI)
S3 k750mdfl; C:\WINDOWS\System32\DRIVERS\k750mdfl.sys [6576 2005-07-07] (MCCI)
S3 k750mdm; C:\WINDOWS\System32\DRIVERS\k750mdm.sys [89872 2005-07-07] (MCCI)
S3 k750mgmt; C:\WINDOWS\System32\DRIVERS\k750mgmt.sys [81728 2005-07-07] (MCCI)
S3 k750obex; C:\WINDOWS\System32\DRIVERS\k750obex.sys [79488 2005-07-07] (MCCI)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2008-12-16] (VSO Software) [File not signed]
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [79488 2004-05-13] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [33052 2007-08-07] (PowerISO Computing, Inc.) [File not signed]
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [82296 2007-01-12] (Protection Technology (StarForce))
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-04-02] () [File not signed]
R3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2010-05-13] (AnchorFree Inc)
S3 w200bus; C:\WINDOWS\System32\DRIVERS\w200bus.sys [61504 2006-11-07] (MCCI)
S3 w200mdfl; C:\WINDOWS\System32\DRIVERS\w200mdfl.sys [9328 2006-11-07] (MCCI)
S3 w200mdm; C:\WINDOWS\System32\DRIVERS\w200mdm.sys [97056 2006-11-07] (MCCI)
S3 w200mgmt; C:\WINDOWS\System32\DRIVERS\w200mgmt.sys [88560 2006-11-07] (MCCI)
S3 w200obex; C:\WINDOWS\System32\DRIVERS\w200obex.sys [86368 2006-11-07] (MCCI)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-05-07] (CyberLink Corp.)
S3 catchme; \??\C:\DOCUME~1\GREGRR~1\LOCALS~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 19:00 - 2015-11-15 19:00 - 00045109 _____ C:\Documents and Settings\Gregr Radim\Plocha\FRST.txt
2015-11-15 19:00 - 2015-11-15 19:00 - 00000000 ____D C:\FRST
2015-11-15 18:59 - 2015-11-15 18:58 - 01702400 _____ (Farbar) C:\Documents and Settings\Gregr Radim\Plocha\FRST.exe
2015-11-15 13:19 - 2015-11-15 13:19 - 00017607 _____ C:\Documents and Settings\Gregr Radim\Plocha\hijackthis.log
2015-11-15 13:19 - 2015-11-15 13:16 - 00401720 _____ (Trend Micro Inc.) C:\Documents and Settings\Gregr Radim\Plocha\HijackThis.exe
2015-11-15 10:12 - 2015-11-15 10:11 - 00068000 ____H C:\WINDOWS\Minidump\Mini111515-01.dmp
2015-11-12 18:35 - 2015-11-12 19:22 - 00000000 ____D C:\Program Files\Hearthstone
2015-11-11 17:25 - 2015-11-11 17:25 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2015-11-11 17:25 - 2015-11-11 17:25 - 00001409 _____ C:\WINDOWS\QTFont.for
2015-11-11 15:00 - 2015-11-11 14:59 - 00068000 ____H C:\WINDOWS\Minidump\Mini111115-01.dmp
2015-11-09 19:00 - 2015-11-09 19:00 - 00000099 _____ C:\Documents and Settings\Gregr Radim\Plocha\SERVIS 24 Internetbanking - Česká Spořitelna - Přihlášení.url
2015-11-02 18:02 - 2015-11-02 18:01 - 00068000 ____H C:\WINDOWS\Minidump\Mini110215-01.dmp
2015-10-23 19:12 - 2015-10-23 19:12 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Blizzard
2015-10-20 12:35 - 2015-10-20 12:35 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikacĂ­
2015-10-20 12:27 - 2015-10-20 12:27 - 00000638 _____ C:\Documents and Settings\All Users\Plocha\Steam.lnk
2015-10-18 13:58 - 2015-10-18 13:58 - 00000076 _____ C:\Documents and Settings\Gregr Radim\Plocha\Skinhead tričko Skinhead - Kingshop.cz.url
2015-10-18 13:26 - 2015-10-18 13:32 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Plocha\Nová složka (2)
2015-10-17 13:52 - 2015-11-11 18:52 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 19:01 - 2011-03-12 19:15 - 00000246 _____ C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2015-11-15 19:00 - 2010-04-24 14:45 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\temp
2015-11-15 19:00 - 2008-05-31 02:03 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Plocha
2015-11-15 18:57 - 2008-05-31 17:40 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent
2015-11-15 18:52 - 2012-11-25 15:34 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-15 18:25 - 2015-08-19 09:03 - 00000000 ____D C:\Program Files\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
2015-11-15 18:23 - 2012-02-11 15:25 - 00001050 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003UA.job
2015-11-15 18:19 - 2014-09-27 12:46 - 00000346 _____ C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2015-11-15 18:14 - 2012-10-27 16:05 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\.minecraft
2015-11-15 18:13 - 2013-02-03 13:23 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 16:46 - 2008-05-31 02:03 - 00032476 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-15 16:24 - 2015-08-19 09:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
2015-11-15 16:13 - 2013-02-03 13:23 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 16:13 - 2008-05-31 02:03 - 00000000 ___HD C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací
2015-11-15 15:23 - 2012-02-11 15:25 - 00000998 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003Core.job
2015-11-15 15:00 - 2008-05-31 02:40 - 01792575 ____C C:\WINDOWS\WindowsUpdate.log
2015-11-15 14:33 - 2011-05-26 14:24 - 00000298 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1647877149-839522115-1003.job
2015-11-15 13:14 - 2015-10-14 13:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-15 12:41 - 2014-07-15 20:01 - 00000452 ____H C:\WINDOWS\Tasks\Norton Security Scan for Gregr Radim.job
2015-11-15 12:15 - 2015-03-26 18:00 - 00000000 ____D C:\Documents and Settings\Gregr Radim\GSplay
2015-11-15 10:15 - 2013-02-03 13:23 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-11-15 10:14 - 2014-09-27 12:46 - 00000000 ____D C:\Program Files\Zrychleni Pocitace
2015-11-15 10:13 - 2015-08-14 11:42 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2015-11-15 10:13 - 2008-05-31 03:56 - 00000159 ____C C:\WINDOWS\wiadebug.log
2015-11-15 10:13 - 2008-05-31 03:56 - 00000050 ____C C:\WINDOWS\wiaservc.log
2015-11-15 10:12 - 2014-03-28 06:42 - 00000234 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-15 10:12 - 2012-08-20 12:57 - 00000290 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1647877149-839522115-1003.job
2015-11-15 10:12 - 2012-04-26 14:35 - 00000000 ____D C:\Program Files\Steam
2015-11-15 10:12 - 2008-12-06 11:52 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-15 10:12 - 2008-05-31 02:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-14 19:26 - 2008-05-31 02:20 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2015-11-14 19:26 - 2008-05-31 02:03 - 00000178 ___SH C:\Documents and Settings\Gregr Radim\ntuser.ini
2015-11-14 19:25 - 2008-05-31 02:03 - 00000000 ____D C:\Documents and Settings\Gregr Radim
2015-11-14 11:14 - 2008-06-04 08:13 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2015-11-13 16:17 - 2013-07-21 20:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 15:54 - 2009-05-03 13:48 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-13 15:51 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-12 19:24 - 2014-12-30 20:09 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Battle.net
2015-11-12 19:23 - 2014-12-30 20:08 - 00000000 ____D C:\Program Files\Battle.net
2015-11-12 14:25 - 2013-01-17 18:53 - 00002303 _____ C:\Documents and Settings\Gregr Radim\Plocha\Google Chrome.lnk
2015-11-11 20:08 - 2008-05-31 16:34 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-11-11 18:52 - 2012-11-25 15:34 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-11 18:52 - 2011-10-01 12:13 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-11 18:30 - 2015-02-06 10:59 - 00148045 _____ C:\WINDOWS\setupapi.log
2015-11-11 14:42 - 2008-05-31 16:59 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\Skype
2015-11-08 14:01 - 2014-12-25 20:13 - 00000000 ____D C:\Program Files\Call Of Duty Modern Warfare 2
2015-11-06 16:53 - 2013-02-03 13:23 - 00794952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 16:53 - 2013-02-03 13:23 - 00435464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-04 16:14 - 2015-07-11 18:31 - 00000000 ____D C:\Program Files\Valve
2015-10-29 16:31 - 2010-04-24 14:45 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-10-25 11:24 - 2008-06-04 09:02 - 00159744 ____C C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-25 11:05 - 2008-05-31 03:55 - 01192622 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-23 19:16 - 2014-12-30 20:09 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\Battle.net
2015-10-20 12:27 - 2008-05-31 03:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha

==================== Files in the root of some directories =======

2013-02-12 10:19 - 2013-02-10 18:04 - 0119888 _____ () C:\Documents and Settings\Gregr Radim\Data aplikací\BabMaint.exe
2008-05-31 20:19 - 2008-12-16 19:16 - 0007887 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.cat
2008-05-31 20:19 - 2008-12-16 19:16 - 0001144 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.inf
2008-05-31 20:19 - 2008-12-16 19:16 - 0000034 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.log
2008-05-31 20:19 - 2008-12-16 19:16 - 0047360 ____C (VSO Software) C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.sys
2009-11-19 17:22 - 2010-12-24 19:16 - 0138056 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\PnkBstrK.sys
2008-06-04 09:02 - 2015-10-25 11:24 - 0159744 ____C () C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-03 19:52 - 2014-09-02 19:12 - 0000162 _____ () C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\rbxcsettings.rbx

Files to move or delete:
====================
C:\Documents and Settings\Gregr Radim\check.bat


Some files in TEMP:
====================
C:\Documents and Settings\Gregr Radim\Local Settings\temp\atcMedia3761441723029.exe
C:\Documents and Settings\Gregr Radim\Local Settings\temp\DseShExt-x86.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\SDShelEx-win32.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\SkypeSetup.exe
C:\Documents and Settings\Gregr Radim\Local Settings\temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\utils.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\{1646AFFC-11EB-4B39-A4A9-E58EE83BB035}.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\{18DC6B72-D3A9-4B15-9339-8A8F10DCB42C}.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\{3A1B3F96-2AC5-4216-B663-824C5CF178D9}.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\{B5383DB8-B153-4680-B5F0-523BE3768544}.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\{C91EA3D0-CC36-41C7-9708-1030BEF8FC46}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Rudy]

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[radimv]

# AdwCleaner v5.021 - Logfile created 15/11/2015 at 21:07:05
# Updated 14/11/2015 by Xplode
# Database : 2015-11-13.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Gregr Radim - GREGR-1EUUM3M7H
# Running from : C:\Documents and Settings\Gregr Radim\Plocha\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : pcsuservice
[-] Service Deleted : Service Mgr MagicalFind
[-] Service Deleted : Update Mgr MagicalFind

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SafetyNut
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SweetIM
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
[!] Folder Not Deleted : C:\Documents and Settings\All Users\Data aplikací\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
[-] Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\Zrychleni Pocitace
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\AppData\LocalLow\bbrs_002.tb
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\BabSolution
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\BabylonToolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Browser Tab Search by Ask
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\BrowserCompanion
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Complitly
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\HPAppData
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\iWin
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\OpenCandy
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\ilividbandoomoviestoolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\RPEng
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\3csqj9yn.default\ConduitCommon
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\3csqj9yn.default\Extensions\toolbar@ask.com
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Dokumenty\PCSpeedUp
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\AskPartnerNetwork
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\AskToolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Conduit
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\globalUpdate
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\iLivid
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\VNT
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Winamp Toolbar
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pnacmlfckijnmogihjeaojfnfiplhhpj
[-] Folder Deleted : C:\Documents and Settings\Gregr Radim\Nabídka Start\Programy\GotClip
[-] Folder Deleted : C:\Program Files\Ask.com
[-] Folder Deleted : C:\Program Files\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files\Babylon
[-] Folder Deleted : C:\Program Files\Browser Tab Search by Ask
[-] Folder Deleted : C:\Program Files\BrowserCompanion
[-] Folder Deleted : C:\Program Files\Complitly
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\Freeze.com
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\icqtoolbar
[-] Folder Deleted : C:\Program Files\iWebar
[-] Folder Deleted : C:\Program Files\Object Browser
[-] Folder Deleted : C:\Program Files\Search Fairy
[-] Folder Deleted : C:\Program Files\SpeedItup Free
[-] Folder Deleted : C:\Program Files\SweetIM
[-] Folder Deleted : C:\Program Files\VNT
[-] Folder Deleted : C:\Program Files\Winamp Toolbar
[-] Folder Deleted : C:\Program Files\Zrychleni Pocitace
[-] Folder Deleted : C:\Program Files\GotClip
[-] Folder Deleted : C:\Program Files\Magical Find
[!] Folder Not Deleted : C:\Program Files\SpeedItup Free
[!] Folder Not Deleted : C:\Program Files\iWebar
[!] Folder Not Deleted : C:\Program Files\Object Browser
[-] Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
[!] Folder Not Deleted : C:\Program Files\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
[-] Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Files ] *****

[-] File Deleted : C:\DOCUME~1\GREGRR~1\LOCALS~1\Temp\Utils.dll
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\BabMaint.exe
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\3csqj9yn.default\user.js
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\3csqj9yn.default\user.js
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\user.js
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\user.js
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\default.xml
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pnacmlfckijnmogihjeaojfnfiplhhpj_0.localstorage
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pnacmlfckijnmogihjeaojfnfiplhhpj_0.localstorage-journal
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : PC SpeedUp Service Deactivator
[-] Task Deleted : Scheduled Update for Ask Toolbar

***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
[-] Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
[-] Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
[-] Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
[!] Value Not Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
[-] Key Deleted : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
[-] Key Deleted : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\ApnTBMon
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry.1
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1011E88-B997-11CF-2222-0080C7B2D6BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0CAA5FE-7C9C-4DCA-A265-63CF55379D1A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0CAA5FE-7C9C-4DCA-A265-63CF55379D1A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85e825fd-06ef-454f-afd7-ca38ae5ab55a}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c944a9f9-efc7-4b95-a915-bb1e34df08ca}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eb5d1102-d66d-4156-8583-78ee3e9c4b18}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C0CAA5FE-7C9C-4DCA-A265-63CF55379D1A}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
[-] Key Deleted : HKCU\Software\1ClickDownload
[-] Key Deleted : HKCU\Software\APN
[-] Key Deleted : HKCU\Software\APNDTX
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\AskToolbar
[-] Key Deleted : HKCU\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKCU\Software\BabylonToolbar
[-] Key Deleted : HKCU\Software\Blabbers
[-] Key Deleted : HKCU\Software\Complitly
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Crossrider
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\iWebar
[-] Key Deleted : HKCU\Software\Microsoft\Babylon
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\PriceGong
[-] Key Deleted : HKCU\Software\SafetyNut
[-] Key Deleted : HKCU\Software\Speedchecker Limited
[-] Key Deleted : HKCU\Software\SweetIM
[-] Key Deleted : HKCU\Software\Winamp Toolbar
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\VNT
[!] Key Not Deleted : HKCU\Software\iWebar
[-] Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
[-] Key Deleted : HKLM\SOFTWARE\APN
[-] Key Deleted : HKLM\SOFTWARE\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\BabylonToolbar
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\Freeze.com
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Iminent
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\iWebar
[-] Key Deleted : HKLM\SOFTWARE\Object Browser
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\SafetyNut
[-] Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
[-] Key Deleted : HKLM\SOFTWARE\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : HKLM\SOFTWARE\Winamp Toolbar
[!] Key Not Deleted : HKLM\SOFTWARE\iWebar
[!] Key Not Deleted : HKLM\SOFTWARE\Object Browser
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DA95E878-B181-4366-A433-6145592707A8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iWebar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Tab Search by Ask_Chrome
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Magical Find
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iWebar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DA95E878-B181-4366-A433-6145592707A8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownloader
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iWebar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Browser Tab Search by Ask_Chrome
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividbandoomoviestoolbarIE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Magical Find
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iWebar
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\iWebar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKU\.DEFAULT\Software\VNT
[!] Key Not Deleted : HKU\.DEFAULT\Software\iWebar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAxGeQ4LU1tEDAZHeQsVVVhDFBhBIVoOTA9BFQAbIQBZB1wQQhNBNARaB0tXUUEeGGlxR1dMbFREKVpZDX8YT1E=");
[-] [C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaJQAPUgsTFBgQJAAKTA0QEwAOIlhbVxRHEQEWeFgBAF8UQFYFIk0FA18DB0VXfWFoKB8fHHhCJ1BbAFU3SFtH");
[-] [C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\prefs.js] [Preference] Deleted : user_pref("extensions.foxcub.prev.search.selected", "AVG Secure Search");
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask search
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaajmcbjelppeedjdebbfppfjdeeinp
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pnacmlfckijnmogihjeaojfnfiplhhpj
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : Ask.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [54756 bytes] ##########

[Rudy]

Dejte nový log FRST.

[radimv]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by Gregr Radim (administrator) on GREGR-1EUUM3M7H (15-11-2015 21:58:12)
Running from C:\Documents and Settings\Gregr Radim\Plocha
Loaded Profiles: Gregr Radim (Available Profiles: Gregr Radim)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 6 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\uTorrent.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(PS Media s.r.o.) C:\WINDOWS\system32\ssins.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(BitTorrent Inc.) C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384512 2007-10-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM\...\Run: [DelaypluginInstall] => C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1960336 2015-04-10] ()
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2009-09-23] (ATI Technologies Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-09-13] (Nero AG)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2007-01-05] (Microsoft Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [GSplay.exe] => C:\Documents%20and%20Settings\Gregr%20Radim\Plocha\GSplay.exe
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [uTorrent] => C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {080f4c5e-9d6a-11df-aa21-001d92325b3a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {b7536d13-8de8-11df-a9f5-001d92325b3a} - F:\LaunchU3.exe -a
IFEO\applemobilebackup.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobiledevicehelper.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobilesync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\bookmarks.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\calendars.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\contacts.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\defaults.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\distnoted.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\formatter.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\iesyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\mdcrashreporttool.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\outlooksyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\safarisyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncli.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncplanobserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncuihandler.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\upgradedb.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\windowscontactssync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\windowsmailsync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\yahoosync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-22] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Gregr Radim\Data aplikací\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk [2014-11-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2007-07-24] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5491B71-9800-4EFD-8E70-BA57EE4EF429}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 - Modul přiřazení adres URL - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> OldSearch URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-26] (RealPlayer)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: No Name -> {41545534-0076-A76A-76A7-7A786E7484D7} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
BHO: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-04-10] (Wondershare)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241178572906
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859
FF DefaultSearchEngine: Default
FF SelectedSearchEngine: Seznam
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=Quicksearch_12902&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2009-01-05] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-04] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @nsroblox.roblox.com/launcher -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\RobloxVersions\version-b3ae331dfaef4117\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2025429265-1647877149-839522115-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-04] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-09-16] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2008-03-20] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2008-06-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011-05-26] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2009-09-23] (NOS Microsystems Ltd.)
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\firmycz.xml [2015-08-22]
FF SearchPlugin: C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\searchplugins\zbocz.xml [2015-08-22]
FF Extension: Magical Find - C:\Documents and Settings\Gregr Radim\Data aplikací\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\Extensions\{fa6f6587-af95-4782-afc5-89c87f90b314}.xpi [2015-08-18] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-10-14] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-26] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-07] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-22] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-18] [not signed]
FF HKLM\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
FF Extension: iSkysoft Video Converter Ultimate - C:\Documents and Settings\All Users\Data aplikací\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com [2015-06-07] [not signed]
FF HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Documents and Settings\Gregr Radim\Data aplikacĂ­\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4
CHR RestoreOnStartup: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-08-02]
CHR HKLM\...\Chrome\Extension: [aaaamlkmhljkmgndohnigdoofhggdnlf] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ATU4\CRX\ToolbarCR.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-22]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome - C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-09-25] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-22] (AVAST Software)
S3 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-11] (brother Industries Ltd) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HssSrv; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [348208 2010-05-13] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [57640 2010-05-13] () [File not signed]
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [322608 2010-05-13] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-09-12] (Nero AG) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [271760 2009-04-27] ()
R2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2015-08-14] (PS Media s.r.o.)
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]
S2 PEVSystemStart; "C:\ComboFix\PEV.cfxxe" EXEC /i "C:\ComboFix\REGT.cfxxe" /S "C:\ComboFix\CregB.dat"

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-22] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-22] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-08-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-08-22] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-08-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-22] (AVAST Software)
S3 BrScnUsb; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) [File not signed]
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-09-14] (Symantec Corporation)
R1 FldSafe; C:\WINDOWS\System32\DRIVERS\FldSafe.sys [10240 2010-04-09] (Windows (R) Win 7 DDK provider) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 HssDrv; C:\WINDOWS\System32\DRIVERS\HssDrv.sys [37376 2010-05-13] (AnchorFree Inc.)
S3 k750bus; C:\WINDOWS\System32\DRIVERS\k750bus.sys [55216 2005-07-07] (MCCI)
S3 k750mdfl; C:\WINDOWS\System32\DRIVERS\k750mdfl.sys [6576 2005-07-07] (MCCI)
S3 k750mdm; C:\WINDOWS\System32\DRIVERS\k750mdm.sys [89872 2005-07-07] (MCCI)
S3 k750mgmt; C:\WINDOWS\System32\DRIVERS\k750mgmt.sys [81728 2005-07-07] (MCCI)
S3 k750obex; C:\WINDOWS\System32\DRIVERS\k750obex.sys [79488 2005-07-07] (MCCI)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2008-12-16] (VSO Software) [File not signed]
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [79488 2004-05-13] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [33052 2007-08-07] (PowerISO Computing, Inc.) [File not signed]
R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [82296 2007-01-12] (Protection Technology (StarForce))
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-04-02] () [File not signed]
R3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2010-05-13] (AnchorFree Inc)
S3 w200bus; C:\WINDOWS\System32\DRIVERS\w200bus.sys [61504 2006-11-07] (MCCI)
S3 w200mdfl; C:\WINDOWS\System32\DRIVERS\w200mdfl.sys [9328 2006-11-07] (MCCI)
S3 w200mdm; C:\WINDOWS\System32\DRIVERS\w200mdm.sys [97056 2006-11-07] (MCCI)
S3 w200mgmt; C:\WINDOWS\System32\DRIVERS\w200mgmt.sys [88560 2006-11-07] (MCCI)
S3 w200obex; C:\WINDOWS\System32\DRIVERS\w200obex.sys [86368 2006-11-07] (MCCI)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-05-07] (CyberLink Corp.)
S3 catchme; \??\C:\DOCUME~1\GREGRR~1\LOCALS~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 21:15 - 2015-11-15 21:15 - 00054839 _____ C:\Documents and Settings\Gregr Radim\Plocha\AdwCleaner[C1].txt
2015-11-15 21:03 - 2015-11-15 21:07 - 00000000 ____D C:\AdwCleaner
2015-11-15 21:03 - 2015-11-15 19:40 - 01732096 _____ C:\Documents and Settings\Gregr Radim\Plocha\adwcleaner_5.021.exe
2015-11-15 19:01 - 2015-11-15 19:02 - 00109641 _____ C:\Documents and Settings\Gregr Radim\Plocha\Addition.txt
2015-11-15 19:00 - 2015-11-15 21:58 - 00035158 _____ C:\Documents and Settings\Gregr Radim\Plocha\FRST.txt
2015-11-15 19:00 - 2015-11-15 21:58 - 00000000 ____D C:\FRST
2015-11-15 18:59 - 2015-11-15 18:58 - 01702400 _____ (Farbar) C:\Documents and Settings\Gregr Radim\Plocha\FRST.exe
2015-11-15 13:19 - 2015-11-15 13:19 - 00017607 _____ C:\Documents and Settings\Gregr Radim\Plocha\hijackthis.log
2015-11-15 13:19 - 2015-11-15 13:16 - 00401720 _____ (Trend Micro Inc.) C:\Documents and Settings\Gregr Radim\Plocha\HijackThis.exe
2015-11-15 10:12 - 2015-11-15 10:11 - 00068000 ____H C:\WINDOWS\Minidump\Mini111515-01.dmp
2015-11-12 18:35 - 2015-11-12 19:22 - 00000000 ____D C:\Program Files\Hearthstone
2015-11-11 17:25 - 2015-11-11 17:25 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2015-11-11 17:25 - 2015-11-11 17:25 - 00001409 _____ C:\WINDOWS\QTFont.for
2015-11-11 15:00 - 2015-11-11 14:59 - 00068000 ____H C:\WINDOWS\Minidump\Mini111115-01.dmp
2015-11-09 19:00 - 2015-11-09 19:00 - 00000099 _____ C:\Documents and Settings\Gregr Radim\Plocha\SERVIS 24 Internetbanking - Česká Spořitelna - Přihlášení.url
2015-11-02 18:02 - 2015-11-02 18:01 - 00068000 ____H C:\WINDOWS\Minidump\Mini110215-01.dmp
2015-10-23 19:12 - 2015-10-23 19:12 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Blizzard
2015-10-20 12:35 - 2015-10-20 12:35 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikacĂ­
2015-10-20 12:27 - 2015-10-20 12:27 - 00000638 _____ C:\Documents and Settings\All Users\Plocha\Steam.lnk
2015-10-18 13:58 - 2015-10-18 13:58 - 00000076 _____ C:\Documents and Settings\Gregr Radim\Plocha\Skinhead tričko Skinhead - Kingshop.cz.url
2015-10-18 13:26 - 2015-10-18 13:32 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Plocha\Nová složka (2)
2015-10-17 13:52 - 2015-11-11 18:52 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 21:58 - 2010-04-24 14:45 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\temp
2015-11-15 21:54 - 2008-05-31 17:40 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\uTorrent
2015-11-15 21:52 - 2012-11-25 15:34 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-15 21:52 - 2008-05-31 02:03 - 00032530 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-15 21:23 - 2012-02-11 15:25 - 00001050 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003UA.job
2015-11-15 21:15 - 2008-05-31 02:03 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Plocha
2015-11-15 21:14 - 2013-02-03 13:23 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 21:14 - 2013-02-03 13:23 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-11-15 21:14 - 2008-05-31 02:40 - 01818541 ____C C:\WINDOWS\WindowsUpdate.log
2015-11-15 21:12 - 2015-08-14 11:42 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2015-11-15 21:12 - 2014-03-28 06:42 - 00000234 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-15 21:12 - 2013-02-03 13:23 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 21:12 - 2012-08-20 12:57 - 00000290 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1647877149-839522115-1003.job
2015-11-15 21:12 - 2012-04-26 14:35 - 00000000 ____D C:\Program Files\Steam
2015-11-15 21:12 - 2008-05-31 03:56 - 00000157 ____C C:\WINDOWS\wiadebug.log
2015-11-15 21:12 - 2008-05-31 03:56 - 00000050 ____C C:\WINDOWS\wiaservc.log
2015-11-15 21:12 - 2008-05-31 02:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 21:09 - 2008-05-31 02:20 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2015-11-15 21:09 - 2008-05-31 02:03 - 00000178 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2015-11-15 21:09 - 2008-05-31 02:03 - 00000178 ___SH C:\Documents and Settings\Gregr Radim\ntuser.ini
2015-11-15 21:08 - 2008-05-31 02:03 - 00000000 __RHD C:\Documents and Settings\Gregr Radim\Data aplikací
2015-11-15 21:08 - 2008-05-31 02:03 - 00000000 ____D C:\Documents and Settings\Gregr Radim
2015-11-15 21:07 - 2008-05-31 03:54 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-11-15 21:07 - 2008-05-31 03:54 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-11-15 21:07 - 2008-05-31 02:03 - 00000000 ___RD C:\Documents and Settings\Gregr Radim\Nabídka Start\Programy
2015-11-15 21:07 - 2008-05-31 02:03 - 00000000 ___RD C:\Documents and Settings\Gregr Radim\Dokumenty
2015-11-15 21:07 - 2008-05-31 02:03 - 00000000 ___HD C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací
2015-11-15 18:14 - 2012-10-27 16:05 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\.minecraft
2015-11-15 15:23 - 2012-02-11 15:25 - 00000998 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003Core.job
2015-11-15 14:33 - 2011-05-26 14:24 - 00000298 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1647877149-839522115-1003.job
2015-11-15 13:14 - 2015-10-14 13:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-15 12:41 - 2014-07-15 20:01 - 00000452 ____H C:\WINDOWS\Tasks\Norton Security Scan for Gregr Radim.job
2015-11-15 12:15 - 2015-03-26 18:00 - 00000000 ____D C:\Documents and Settings\Gregr Radim\GSplay
2015-11-15 10:12 - 2008-12-06 11:52 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-14 11:14 - 2008-06-04 08:13 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2015-11-13 16:17 - 2013-07-21 20:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 15:54 - 2009-05-03 13:48 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-13 15:51 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-12 19:24 - 2014-12-30 20:09 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\Battle.net
2015-11-12 19:23 - 2014-12-30 20:08 - 00000000 ____D C:\Program Files\Battle.net
2015-11-12 14:25 - 2013-01-17 18:53 - 00002303 _____ C:\Documents and Settings\Gregr Radim\Plocha\Google Chrome.lnk
2015-11-11 20:08 - 2008-05-31 16:34 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-11-11 18:52 - 2012-11-25 15:34 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-11 18:52 - 2011-10-01 12:13 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-11 18:30 - 2015-02-06 10:59 - 00148045 _____ C:\WINDOWS\setupapi.log
2015-11-11 14:42 - 2008-05-31 16:59 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\Skype
2015-11-08 14:01 - 2014-12-25 20:13 - 00000000 ____D C:\Program Files\Call Of Duty Modern Warfare 2
2015-11-06 16:53 - 2013-02-03 13:23 - 00794952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 16:53 - 2013-02-03 13:23 - 00435464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-04 16:14 - 2015-07-11 18:31 - 00000000 ____D C:\Program Files\Valve
2015-10-29 16:31 - 2010-04-24 14:45 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-10-25 11:24 - 2008-06-04 09:02 - 00159744 ____C C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-25 11:05 - 2008-05-31 03:55 - 01192622 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-23 19:16 - 2014-12-30 20:09 - 00000000 ____D C:\Documents and Settings\Gregr Radim\Data aplikací\Battle.net
2015-10-20 12:27 - 2008-05-31 03:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha

==================== Files in the root of some directories =======

2008-05-31 20:19 - 2008-12-16 19:16 - 0007887 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.cat
2008-05-31 20:19 - 2008-12-16 19:16 - 0001144 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.inf
2008-05-31 20:19 - 2008-12-16 19:16 - 0000034 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.log
2008-05-31 20:19 - 2008-12-16 19:16 - 0047360 ____C (VSO Software) C:\Documents and Settings\Gregr Radim\Data aplikací\pcouffin.sys
2009-11-19 17:22 - 2010-12-24 19:16 - 0138056 ____C () C:\Documents and Settings\Gregr Radim\Data aplikací\PnkBstrK.sys
2008-06-04 09:02 - 2015-10-25 11:24 - 0159744 ____C () C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-03 19:52 - 2014-09-02 19:12 - 0000162 _____ () C:\Documents and Settings\Gregr Radim\Local Settings\Data aplikací\rbxcsettings.rbx

Files to move or delete:
====================
C:\Documents and Settings\Gregr Radim\check.bat


Some files in TEMP:
====================
C:\Documents and Settings\Gregr Radim\Local Settings\temp\atcMedia3761441723029.exe
C:\Documents and Settings\Gregr Radim\Local Settings\temp\DseShExt-x86.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\SDShelEx-win32.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\SkypeSetup.exe
C:\Documents and Settings\Gregr Radim\Local Settings\temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Documents and Settings\Gregr Radim\Local Settings\temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-09-13] (Nero AG)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {080f4c5e-9d6a-11df-aa21-001d92325b3a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {b7536d13-8de8-11df-a9f5-001d92325b3a} - F:\LaunchU3.exe -a
IFEO\applemobilebackup.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobiledevicehelper.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobilesync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\bookmarks.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\calendars.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\contacts.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\defaults.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\distnoted.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\formatter.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\iesyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\mdcrashreporttool.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\outlooksyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\safarisyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncli.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncplanobserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncuihandler.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\upgradedb.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\windowscontactssync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\windowsmailsync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\yahoosync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {41545534-0076-A76A-76A7-7A786E7484D7} -> No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Extension: No Name - C:\Documents and Settings\Gregr Radim\Data aplikacĂ­\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10645A& ... 76-535&t=4
CHR RestoreOnStartup: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR HKLM\...\Chrome\Extension: [aaaamlkmhljkmgndohnigdoofhggdnlf] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ATU4\CRX\ToolbarCR.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.jo
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003Core.job
C:\Documents and Settings\Gregr Radim\check.bat
C:\Documents and Settings\Gregr Radim\Local Settings\temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[radimv]

Fix result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by Gregr Radim (2015-11-15 22:54:30) Run:1
Running from C:\Documents and Settings\Gregr Radim\Plocha
Loaded Profiles: Gregr Radim (Available Profiles: Gregr Radim)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-09-13] (Nero AG)
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {080f4c5e-9d6a-11df-aa21-001d92325b3a} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\...\MountPoints2: {b7536d13-8de8-11df-a9f5-001d92325b3a} - F:\LaunchU3.exe -a
IFEO\applemobilebackup.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobiledevicehelper.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\applemobilesync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\bookmarks.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\calendars.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\contacts.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\defaults.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\distnoted.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\formatter.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\iesyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\mdcrashreporttool.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\outlooksyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\safarisyncclient.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncli.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncplanobserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncserver.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\syncuihandler.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\upgradedb.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\windowscontactssync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\windowsmailsync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\yahoosync.exe: [Debugger] "C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {41545534-0076-A76A-76A7-7A786E7484D7} -> No File
Toolbar: HKU\S-1-5-21-2025429265-1647877149-839522115-1003 -> No Name - {41545534-0076-A76A-76A7-7A786E7484D7} - No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Extension: No Name - C:\Documents and Settings\Gregr Radim\Data aplikacĂ­\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10645A& ... 76-535&t=4
CHR RestoreOnStartup: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 76-535&t=4"
CHR HKLM\...\Chrome\Extension: [aaaamlkmhljkmgndohnigdoofhggdnlf] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ATU4\CRX\ToolbarCR.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.jo
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003Core.job
C:\Documents and Settings\Gregr Radim\check.bat
C:\Documents and Settings\Gregr Radim\Local Settings\temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value removed successfully.
"HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{080f4c5e-9d6a-11df-aa21-001d92325b3a}" => key removed successfully.
HKCR\CLSID\{080f4c5e-9d6a-11df-aa21-001d92325b3a} => key not found.
"HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7536d13-8de8-11df-a9f5-001d92325b3a}" => key removed successfully.
HKCR\CLSID\{b7536d13-8de8-11df-a9f5-001d92325b3a} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\applemobilebackup.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\applemobiledevicehelper.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\applemobilesync.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bookmarks.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\calendars.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\contacts.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\defaults.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\distnoted.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\formatter.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iesyncclient.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mdcrashreporttool.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\outlooksyncclient.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safarisyncclient.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syncli.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syncplanobserver.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syncserver.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syncuihandler.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\upgradedb.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\windowscontactssync.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\windowsmailsync.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\yahoosync.exe" => key removed successfully.
"HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}" => key removed successfully.
HKCR\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => key not found.
HKU\S-1-5-21-2025429265-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41545534-0076-A76A-76A7-7A786E7484D7} => value removed successfully.
HKCR\CLSID\{41545534-0076-A76A-76A7-7A786E7484D7} => key not found.
"HKCR\PROTOCOLS\Handler\WSISVCUchrome" => key removed successfully.
"HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully.
"HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0" => key removed successfully.
C:\Documents and Settings\Gregr Radim\Data aplikacĂ­\Mozilla\Firefox\Profiles\7kb2x3wl.default-1428506887859\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully.
Chrome HomePage => removed successfully.
Chrome RestoreOnStartup => removed successfully.
Chrome StartupUrls => removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaamlkmhljkmgndohnigdoofhggdnlf" => key removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003UA.job => moved successfully
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.jo" => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1647877149-839522115-1003Core.job => moved successfully
C:\Documents and Settings\Gregr Radim\check.bat => moved successfully

"C:\Documents and Settings\Gregr Radim\Local Settings\temp" folder move:

Could not move "C:\Documents and Settings\Gregr Radim\Local Settings\temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-15 22:58:20)

C:\Documents and Settings\Gregr Radim\Local Settings\temp => moved successfully

==== End of Fixlog 22:58:41 ====

[radimv]

Hrozně moc dík za pomoc..z 90ti% procent je od reklam klid..
v Google chrome je to bez problémů..ale když pustím Firefox,tak tam ty reklamy jsou..Sice né už tolik,ale vyskakují..Takže myslím,že nějaká ta havěť v pc ještě bude.

Tak jen kdybych mohl ještě poprosit o nějakou radu..Děkuji.

[Rudy]

Zkusíme ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[radimv]

Zoek.exe v5.0.0.1 Updated 15-November-2015
Tool run by Gregr Radim on po 16.11.2015 at 18:16:58,98.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Gregr Radim\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.11.2015 18:22:05 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

[radimv]

to mi připadá,že asi nebude přesně co chcete..je to nějaké krátké..

[radimv]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Microsoft Windows XP x86
Ran by Gregr Radim on po 16.11.2015 at 18:29:32,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] pcsuucdrv [Reboot required]



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\189F6D048E923EA48B11D15B30CDAC81
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\661134B612233374391C95E8AC373BA3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A08449608E3CA1F4ABF236256A256754
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A431C8F3F57D7844B89242F5F7A5F62C
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B448F401EF39C8346BF7BE9B8D1C7060
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D538E650623CB2C43AD5FBF587227D55
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551110}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files\mindspark



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Gregr Radim\Data aplikací\mozilla\firefox\profiles\7kb2x3wl.default-1428506887859\prefs.js

user_pref(browser.search.defaulturl, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);
user_pref(extensions.foxcub.config.encodedConfig, {\core\:{\configUrl\:\hxxp://download.seznam.cz/software/conf/\,\configUrlSecure\:\hxxps://download.seznam.cz/sof
user_pref(extensions.foxcub.prev.HP, hxxps://mysearch.avg.com?cid={2828E7D2-9B16-4922-A114-534E3F1562A9}&mid=a6868eb027a747cd918dd154d4d6b2c9-47e9c89f65b4503d73419ce6682887
user_pref(keyword.URL, hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&);





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 16.11.2015 at 18:34:46,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

OK. Změnilo se něco k lepšímu?